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, 5) EDIÍTORIAL 


WELCOME TO ANOTHER ISSUE OF FULL CIRCLE. 


ne up, one down. Elmer has had to take the month off from LibreOffFice, but Greg is 

back for a guick Python column. Gregss been pretty sick these days, so if voure a 
Python fan feel free to email him a get-well-soon message: greg.gregwa ogmail.com. We 
have a double install this month - one article shows how you can install an absolute 
minimalistic Xubuntu install, and one article shows how you can install "buntu alongside 
Windows 10. Even if your machine has the evil UEFI enabled in the BIOS. 


While YouTube recently announced a dedicated streaming service for games, theress 
always been Twitch. Oscar uses his Ubuntu Games column this month to discuss how to 
broadcast to Twitch using the Open Broadcaster Software (OB9). F/d love to do something 
like this, but my upload speed is nothing short of dire. OF course, OBS isn t just for games; it 
can broadcast anything from your machine. 


By the time you read this, the latest OTA update (7 in the case of my Meizu) for Ubuntu 
phones should have been unleashed. To coincide with that, Lucas has dedicated his C8gC this 
month (and next month) to coding for Ubuntu phones. The apps for Ubuntu phones were 
sparse, but theyre getting better all the time. Two of my favourites have just been updated: 
Activity Tracker and uNav. Activity Tracker can track (via GPS) your walking, running or (in 
my case) cycling. Its not as sophisticated as some of its Android eguivalents, but you can still 
go back and look at your route on the map. And Chris is always updating it. While uNav was 
always a route finder for cars, its developer (Marcos) has added features to 
now allow it to give route advice on cycle routes. I ve not tried it yet, but will [n] [n] 
report back on it soon. " 


All the best, and keep in touch! 
Ronnie 


ronnieofullcirclemagazine.org [n] 


full circle magazine 4102 o 3 


This magazine was created using : 


scRiBUS / p— 


LibreOffice 


The Document Foundation 


CIEA íve 
commons 


Find Full Circle on: ka 


eg g00.gl/FRTMI 
GEN 


f facebook.com/fullcircle 


magazine azine 


e twitter.com/tt!/fullcirclema 


a http://issuu.com/fullcircle 
KELETT 


https://plav.google.com 


/store/books/author?id- 


Ronnie-tTucker 


Wey http://www.magzter.com/ 
publishers/Eull-Circle 


ri contents 5 


4 
e 
2 
Vz 


Sa — 


LINUX CREATOR EXPLAINS 
WHY A TRULY SECURE 
COMPUTING PLATFORM WILL 
NEVER EXIST 


peaking at LinuxCon 2015 last 

month, Linus Torvalds talked 
about security as something 
unattainable in a perfect sense, 
something he expanded on with 
BGR. He thinks, for example, its 
meaningless to ask what 
computing platform today is the 
most secure. 


The most secure platform, he 
offers in response, is something 
thats "not actually usable." 


"Unplug the network cable and 


instantiate draconian measures for : ; 
: the x86 processors from Advanced : 


: Micro Devices (NASDAO:AMD). 

: Conseguentbly, its imitator, Xiaomi, 
: is also unlikely to use them in its 

: first laptop product. Intels huge 

: RAD spending has made its x86 

: CPUs higher performing than 

: AMDS best processors. 


physical security," he said. "Youll 
make sure nobody can get in, but 
you ll also make sure that nobody 
actually wants to use the platform. 
And that may sound like an 
extreme case, but its a very 
fundamental issue in security. You 
cannot look at security as 
something separate." 


Torvalds says hess butted heads 


; with the security community 
: because they often make a ; 
; "complete circus" about things and : 
; think about things in terms that 
; are too black-and-white. 


: Source: 

: http://bgr.com/2015/09/25/linus- 
torvalds-guotes-interview-linux- 
; security/ 


3 Submitted by: Arnfried Walbrecht 


3 S ince 2006, Apple foundit 


prudent to consistently ignore 


Inventec Appliance Corp. is 


: http: 


3 designing/assembling the Xiaomi 
: Linux laptop in its China factory. 
: Along with Foxconn, Inventec is 


one of the top assemblers for 


: Intelpowered notebook 

: computers in China. Microsoft 

: (NASDAO:MSFT) also hired 

: Inventec to help Lenovo 

: (OTCPK:LNVGY) and Acer come up 
: with low-cost sub $250 Windows 

: 10 notebooks using Intel Atom Bay : 
: Trail-T processors. 


There is therefore great 


; 3 probability that Inventec will also 
: INTEL: INVENTEC CONFIRMED :; 
: IT IS MAKING THE XIAOMI 
: LINuUXx LAPTOP 


use a CPU from Intel for Xiaomi s 


: First laptop computer. The decision : 
: aim of defining a core set of open- 
: source Apache technologies to 

: speed adoption of Hadoop. 


: to use Linuxis easily explained by 
: the fact that Microsoft will never 
: allowits proprietary Windows 10 
: OS to be customized by Xiaomi. 


Source: 


3 Submitted by: Arnfried Walbrecht 
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seekingalpha.com/article/35 : 
: 35486-intel-inventec-confirmed-it- 
: is-making-the-xiaomi-linux-laptop 


: HADOOP OPEN DATA 
: PLATFORM MOVES UNDER 
: LINUX FOUNDATION "S WING 


3 S ix months down the line from 


its creation, the Open Data 


Platform Hadoop initiative driven 
: by Pivotal and Hortonworks has 
: today unveiled new members, 


work on a core spec and reference 


: implementation, plus a formal 
: governance structure. 


The initiative caused 


: controversy atits launch in 


February because of its declared 


Opponents dismissed it as a 


marketing effort and argued that 


interoperability across projects is 


: nota major issue. 


In a move that could further 


: grate with those not in the Open 

: Data Platform camp, the initiative 

: is also now being hosted at the 

: Linux Foundation as a collaborative 


project. 
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Source: 
http://www.zdnet.com/article/had 
o0op-open-data-platform-moves- 
under-linux-foundations-wing/ 


Submitted by: Arnfried Walbrecht 


BOTNET PREYING ON LINUX 
COMPUTERS DELIVERS 
POTENT DDOS ATTACKS 


S ecurity researchers have 
uncovered a network of 
infected Linux computers that"s 
fFlooding gaming and education 
sites with as much as 150 gigabits 
per second of malicious 
traffic—enough in some cases to 
take the targets completely 
offline. 


The XOR DDOS (or Xor.DDo95) 
botnet, as the distributed denial- 
of-service network has been 
dubbed, targets as many as 20 
sites each day, according to an 
advisory published Tuesday by 
content delivery network Akamai 
Technologies. About 90 percent of 
the targets are located in Asia. In 
some cases, the IP address of the 
participating bot is spoofedin a 
way that makes the compromised 


3 Source: 
: http: 


machines appear to be part of the 
network being targeted. That 


: technigue can make it harder for 
: defenders to stop the attack. 


"In short: Xor.DDOS is a multi- 


: platform, polymorphic malware for 
: Linux OS, and its ultimate goal is to 
: DDOS other machines, " a separate 

: writeup on the botnet explained. : 
: "The name Xor.DDOS stems from the : 
: heavy usage of XOR encryption in 
: both malware and network 

: communication to the Cg.Cs 

: (command and control servers). " 


3 LINUX FOUNDATION: OPEN 
: SOURCE CODE WORTH $5B 


ow much is open source code 


; worth? The answer: $5 billion, : 
; according to a newly released 

: Linux Foundation report that aims 
: to illustrate the estimated value of : 
: development costs saved by the 


code embedded in its Collaborative 


arstechnica.com/security/20 : 
: 15/09/botnet-preying-on-linux- 

: computers-delivers-potent-ddos- 
: attacks/ 


Submitted by: Arnfried Walbrecht 


Projects. 


The report, "A $5 Billion Value: 


: Estimating the Total Development 
: Cost of Linux Foundations ; 
: Collaborative Projects," found that : 
: the total lines of source code that 
: are presentin the Collaborative 

: Projects are 115,013,302. 


And the price tag for that is 


: about $5 billion, the report 
: concludes. 


: Source: 
: http://www.informationweek.com/ : 
: software/operating-systems/linux- : 
: foundation-open-source-code- 
: worth-$5b/a/d-id/1322432 


: Submitted by: Arnfried Walbrecht 


: WHY ARENT WE ARGUING 
: MORE ABOUT MR ROBOT? 


; i n episode 0 of Mr Robot, were 


introduced to our hero 
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protagonist [Elliot], played by Rami 
Malek, a tech at the security firm 


3 AllSafe. We are also introduced to 
; the shows Macbeth, [Tyrell 
: Wellick], played by Martin 


Wallström. When these characters 


: areintroduced to each other, 

: [Tyrell notices [Elliot] is using the 
: Gnome desktop on his work 

: computer while [Tyrell)] says hess, 
The time that would be needed : 
: to recreate the total effort of ; 
: these projects was found to be 
: 41,192.25 person years, meaning it : 
: would take 1,373 developers 30 : 
: years to recreate the code bases. 


"actually on KDE myself. I know 


: ([GnomeJis supposed to be better, 
: butyou know what they say, old 


habits, they die hard." 


While this short exchange 


: would appear to most as two 

: techies talking shop, this is a scene 
: with a surprisingly deep 

: interpretation. Back in the 90s, 

: when I didnt care if kids stayed off 
: my lawn or not, there was a great 


desktop environment war in the 
land of Linux. KDE was not free, it 


: was claimed by the knights of GNU, 
; and this resulted in the creation of 
: the Gnome. 


: Source: 
: https: 
: why-arent-we-arguing-more-about- 
: mr-robot/ 


3 Submitted by: Arnfried Walbrecht 


hackadav.com/2015/10/02 
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ÁNNIVERSARY OF FIRST 
LINUX KERNEL RELEASE: A 
LOOK AT COLLABORATIVE 
VALUE 


he Linux community often 

recognizes two anniversaries 
for Linux: August 25th is the day 
Linus Torvalds first posted that he 
was working on Linux and said 


"Hello, everybody out there..." and 5 


October 5th is the day he released ; 
eLG9EL DU IS ene ügy NEE Tedse : growth of the Linux kernel and 


: resulting innovation has inspired 

: others to adapt the principles, 

: practices and methodologies that 
: make Linux so successful to solve 
: some of today:s most complex 

: technology problems. 


the first kernel. 


To mark the anniversary of the 
first kernel release in 1991, we 
look at some facts and consider 
the progress that has been made 
since that early version. 

x Version 0.01 of the Linux kernel 
had 10,239 lines of code (source: 
Wikipedia). 

x Version 4.1, released in July 
2015, has more than 19 million 
lines of code (source: Phoronix). 


The current Linux kernel is the 
result of one of the largest 
collaborative projects ever 


attempted. According to the "Who 5 
; LINUX KERNEL DEV SARAH 


: SHARP OUITS, CITING 
" "BRUTAL" COMMUNICATIONS 


Writes Linux" Linux development 
report published in February of 
this year: 


Nearly 12,000 developers from 
more than 1,200 companies have 


: contributed to the Linux kernel 
: since tracking began 10 years ago. 


The rate of Linux development 


In recent years, the powerful 


: Source: 
: http: 


; Submitted by: Arnfried Walbrecht 


STYLE 


prominent Linux kernel 
developer announced in a 


blog post that she would step 


: down from her direct work in the 
: is unmatched. The average number : 


: of changes accepted into the 

: kernel per hour is 7.71, which 

: translates to 185 changes every 
: day and nearly 1,300 per week. 


: kernel community, saying that the 
: community values blunt honesty, 

: often containing profane and 

: personal attacks, above "basic 

: human decency." 


Sarah Sharp, an Intel employee 


: who, until recently, was the 

: maintainer of the USB 3.0 host 

: controller driver, wrote that she 
: could no longer work within a 

: developer culture that reguired 
: overworked maintainers to be rude ; 
: and brusgue in order to get the job : 
: done. She continues to work on 


. : other open-source software 
www.linux.com/news/featur : 


: ed-blogs/185-jennifer- 

: coer/857378-anniversary-of-first- 
: linux-kernel-release-a-look-at- 

: collaborative-value 


: projects, but says that she has 
: begun to dread even minor 

: interaction with the kernel 

: community. 


: Source: 
: http: 


" Submitted by: Arnfried Walbrecht 
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www.networkworld.com/art : 
: icle/2988850/opensource- ; 
: subnet/linux-kernel-dev-sarah- 
: sharp-guits-citing-brutal- 

: communications-style.html 


: OPEN NETWORK LINUX 

3 SIMPLIFIES OPEN COMPUTE 
: PROJECT SWITCH 

: CONFIGURATION 


3 B ig Switch Networks, Facebook 


and NTT have announced that 


: they have come together to create 
: a unified operating system called 

: Open Network Linux for Open 

: Compute Projects (OCP) switch 

: hardware. 


While the name doesnt exactly 


: roll off the tongue, the project is 
: designed to help companies, 


whether web scale-type companies 


: like Facebook or others looking to 
: take advantage of the Open 

; Compute Projects open source 

: switches, to use the platform as a 
: base to configure the switch"s 

: forwarding algorithms (more on 

: thatin a minute) in a way that 

: makes sense to them. 


Up until now, the project has 


: consisted of a set of disparate 

: components that engineers had to 
: stitch together. Open Network 

: Linux helps bring these 

: components together in a flexible 


way, while removing some of the 
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engineering complexity. 


Source: 
http: 
/open-network-linux-is-ready-to- 
power-open-compute-project- 
switches/ 


Submitted by: Arnfried Walbrecht 


REAL-TIME LINUX GETS A 


COMPUTING SYSTEMS 


B ack in 2006, Linus Torvalds 

said, "Controlling a laser with 
Linux is crazy, but everyone in this 
room is crazy in his own way. So if 


you want to use Linux to control an 3 


industrial welding laser, I have no 
problem with your using 
PREEMPT RT." The debate was 
started on whether Linux should 
be a real-time operating system. 


Real-time Linux started years 
earlier when academics created 
the first real-time Linux distros 
such as eKURT, University of 
Kansas; RTAI, University of Milano; 
and RTLinux, New Mexico Institute 
of Mining and Technology. As the 
years went by, PREMPT-RT, which 


is maintained by Steven Rostedt, a 
Red Hat principal software 


: programmer, became the most 
techcrunch.com/2015/10/07 : 
: Disagreements on how to 

: implement real-time functionality 
: into Linux still exist. So The Linux 
: Foundation, the non-profit 

: organization dedicated to 

: accelerating the growth of Linux 

: and collaborative development, 

: andits allies, created the new Real- : 
: Time Linux (RTL) Collaborative 


: Project. 
LEG-UP INTO MORE COMPLEX ; 


important real-time Linux variant. 


: Source: 
: http: 
: -real-time-linux-project-launched- 
: real-time-linux-rtl-collaborative- 


: project/ 


Submitted by: Arnfried Walbrecht 


: UBUNTU FOR ANIME AND 

: MANGA MANGAKA LINUX 
: CHU SWITCHES TO 

: CINNAMON AND GNOME 


3 e elebrating seven years of 


activity and in the good 


a different desktop environment 


www.zdnet.com/article/new : 
: Openoffice, Mozilla apps, Wine, 
: codecs and multimedia editors 

: installed out-of-the-box just for 
! you!" says Animesoft International ; 
: in an email to Softpedia. 


for each new release of the 
Mangaka Linux distribution, we 


: report that the Mangaka Linux Chu : 
: OS will ship with a beautiful 

: interface that combines elements 
: from the popular Cinnamon and 

: GNOME desktops. It will also 

: include some of the latest and 

: most popular Linux apps. 


"Now, our new team wanted to 
celebrate the 7 years of Animesoft 


centre, Skype, Google apps, 


As you might know, Mangaka 


: Linux is an Ubuntu-based computer : 
: operating system targeted at 

: anime and manga fans, as it 

: includes several applications for 
: fansubbing and fandubbing. The 
: final release of Mangaka Linux Chu ; 
: will be available in the coming 

: weeks and it! be based on the 
: latest Ubuntu 14.04 LTS (Trusty 


3 tradition of the project to move to 3 Tahr) release. 


Source: 
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http://news.softpedia.com/news/u 
buntu-for-anime-and-manga- 
mangaka-linux-chu-switches-to- 


: cinnamon-and-gnome- 
: 494322.shtml 


: Submitted by: Arnfried Walbrecht 


3 THE LINUX FOUNDATION: 
: How TO FIX THE INTERNET 


: International, releasing the Release : 
: Candidate of the new CHU that has. : 
: CinnamontGnome as desktop and 
: filled with most recent Kodi media 


he Linux Foundation, the 
organisation designed to 


: promote Linux and open source 

: software development practices, 

: plans to improve internet security 
: by coordinating teams of 

: dedicated coders, and large firms 


with the financial power to fund 


: them. 


Speaking at technology 
conference IP EXPO in London 


: today, Jim Zemlin, executive 

: director of the Linux Foundation, 

: began by outlining the ubiguity of 
: Linux, the open source operating 


system originally developed by 


: Linus Torvalds. 


Since 2005, over 8,000 


: developers from around 800 firms 
: have contributed to the Linux 


kernel (the fundamental part of 
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the operating system that 
translates user or other types of 
reguests into instructions for the 
devices CPU). Zemlin said that a 
major new kernel comes out every 
two to three months, which is a far 
more regular update than other 
operating systems, like Microsoft"s 
Windows platform, which usually 
sees new revisions only every five 
or more years. 


The development process for 
Linux is extremely collaborative, 
and Zemlin highlighted this as a 
major strength of open source 
software in general, which he said 
firms are now seeking to turn to 
their advantage. 


Source: 
http: 


buntu-for-anime-and-manga- 
mangaka-linux-chu-switches-to- 


cinnamon-and-gnome- 
494322.shtml 


Submitted by: Arnfried Walbrecht 


NON-AGGRESSION?! THE 
OPEN IÍNVENTION NETWORK 


news.softpedia.com/news/u : 


B ack in 2005, Linux was still 
under attack by SCO for 


: imaginary copyright violations, and : 
: Microsoft CEO Steve Ballmer was 
: claiming that Linux violated more 
;: than 200 of the companyss patents. : 
: Linux needed alltthe intellectual 

; property (IP) law helpit could get. : 
: So IBM, Sony, Philips, Red Hat, and : 
: Novell formed the Open Invention 
: Network (OIN) patent consortium, : 
; to defend Linux against IP attacks. : 
: OINSs plan was to acguire Linux- 
: related patents and share them 
: royalty-free to any organization 
: that agrees not to assert its 

: patents against Linux or its 

: applications. 


It worked. 


SCO is history. True, Microsoft, 


: while embracing Linux and open 
; source, is also still profiting from 
: licensing never proved patents to 
;: Android vendors, but theyrre no 
: longer rattling their legal sabers at : 
; the Linux distributors or Google.  : 


Still, while Linux has IP legal 


success story. 


. http: 


Source: 
www.zdnet.com/article/a- 


decade-of-linux-patent-non- 


: aggression-the-open-invention- 
: network/ 


Submitted by: Arnfried Walbrecht 


: LINUX FOUNDATION AND 

: ONOS PARTNER ON OPEN 
: SOURCE SDN AND NFV 

: NETWORKS 


3 e NOS develops an SDN 


operating system for carrier- 


: grade networks. Designed for high 
: availability, high scalability and 

: high performance, the platform is 
: Funded and supported by a range 

: ofFindustry partners, including 

: AT8T, NTT Communications, SK 

: Telecom, China Unicom, Ciena, 

: Cisco, Ericsson, Fujitsu, Huawei, 

: Inteland NEC. 


The ONOS platform was open 


sourced in December 2014, and 


zs k has issued four new releases since 
: Fights on its hands, OIN has been a : 


: : then. 
A DECADE OF LINUX PATENT : : 


As part of the partnership with 


3 the Linux Foundation, ONOS will 
"transform service providers" 
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infrastructure for increased 
monetization by achieving high 


: capex and opex efficiencies and 

: creating new innovative services 

: using the power of open source 

: SDN and NFV," the Linux 

: Foundation said in a statement. 

: "The Linux Foundation will assist 
: ONOS to organize, grow and 

: harness the power of this global 

: community to take ONOS and the 
: solutions enabled byit to the next 
: level of production readiness and 
: drive adoption in production 

: networks." 


: Source: 

: http://thevarguy.com/open- 
: source-application-software- 
: companies/101315/linux- 


: foundation-and-onos 


: Submitted by: Arnfried Walbrecht 


: LINUS TORVALOS IS "REALLY 
: HAPPY" wirH LINUX KERNEL 
: 4.3 RELEASE CANDIDATE 6 


3 (E Torvalds announced that 


the sixth Release Candidate of 


: Linux kernel 4.3 is available for 
: download and testing from the 
: usual places, and it appears that 


things are calming down very well 
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for this release, which makes Mr. 
Torvalds really happy. 


"Things continue to be calm, and 3 


in fact have gotten progressively 


calmer. All of which makes me really 3 


happy, although my suspicious 
nature looks for things to blame, " 


says Linus Torvalds. "Are people just : 
: scientists. 


on their best behavior because the 
Kernel Summit is imminent, and 
everybody is putting their best foot 
forward?" 


According to Linus Torvalds, 


Linux kernel 4.3 Release Candidate : 
: per second - thats seven to nine 
: petaflops. 


6 consists of a great number of 
driver updates, especially for 
things like InfiniBand, which 
includes a copyright message 
clarification, and GPU (Graphics 
Processing Unit), various small 
architecture updates — mostly for 
x86 KVM (Kernel Virtual Machine) 
fixes For SMM emulation - as well 
as a few mm improvements. 


Source: 
http://news.softpedia.com/news/li 


nus-torvalds-is-really-happy-with- 


linux-kernel-4-3-release-candidate- : 


6-494775.shtml 


Submitted by: Arnfried Walbrecht 


US NUKE BOFFINRY TO BE 


: POWERED BY FACEBOOK- 


INSPIRED LINUX SERVERS 


p. clusters built from 
Facebooks blueprints will help 


: crunch numbers for the US 


governments hydrogen bomb 


The computer system, dubbed 


the Tundra Extreme Scale series, 
: will cost $39m, and at its peak 
: perform between seven and nine 


thousand trillion math calculations 


The machines will be installed 


: at Americas Los Alamos, Sandia, 

: and Lawrence Livermore national 
: laboratories from April 2016, with 
: the last rack scheduled to be in 

: place by September 2018. There, 

: they will carry out "stockpile 

: stewardship," which is a 

: wonderfully sterile and 

: bureaucratic way of saying nuclear : 
: weapon reliability testing and 


simulation. 


Essentially, the computer 


; system will be used to calculate 
" whether or not Uncle Sams 


stockpile of nukes, stored away in 


grim silence, can be relied upon to 
wipe cities from the face of the 


: Earth at short notice. Discovering 
: your thermonuclear warheads have ; 
: deteriorated into duds only after 
: you press the big red button will 
: beabit of a bother. Politicians and : 
: military commanders want to avoid ; 
: that scenario. 


: Source: 
: http: 
: /10/22/us nuke boffins powered : 
: by ocp/ ; 


3 Submitted by: Arnfried Walbrecht 


www.theregister.co.uk/2015 


: NTP FLAw IN LINUX, MAc, 
: AID BSD OS DISTROS CAN 
: BE USED TO COMPROMISE 

: ENCRYPTION 


ight security vulnerabilities 


: and BSD OS distributions. Network ; 
: Time Protocol (NTP) is a 
: networking protocol for clock 


synchronization between 


3 computer systems over packet- 
switched, variable-latency data 
networks. In operation since 
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before 1985, NTP is one of the 
oldest Internet protocols in 


: current use. NTP was originally 


designed by David L. Mills of the 


: University of Delaware, who still 
: oversees its development. 


One of the 8 security 


: vulnerabilities discovered by 

: Cisco"s engineers allows attackers 
: to manipulate a targetss clock, 

: making the victim believe they 


traveled to the future. Cisco 


: engineers have stated that the 

: vulnerabilities affect the Network 

: Time Protocol daemon (ntpd), 

: responsible for synchronizing time 
: across computer networks (like the 
: Internet, Intranets or smaller 


LANS). 


: Source: 
: http: 
: 0/ntp-flaw-linux-mac-bsd-os- 
: distros-compromise- 


have been discovered by Cisco 3 encryption.htmi 


: researchers in the Network Time 
: Protocol (NTP) used by Linux, Mac, 


www.techworm.net/2015/1 


3 Submitted by: Arnfried Walbrecht 
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I recently received a BO Aguaris 


E4.5 device running Ubuntu. Part : 


of the reason for getting it was a 


promise to write a series of articles 5 ; . : 
: package list, and immediately 


; afterwards installs the ubuntu-sdk : 
: package. 


about developing for the phone. 
This will be part 1, covering setup 
and a basic hello world" program. 


INSTALL THE SDK 
Ubuntu released the Ubuntu 


easier. I will be focusing on this 
program for the series. IF youre 


possible to still develop for 
Ubuntu, but I w hont be covering it 
in this series. 


ADDING THE REPOSITORY 


sudo add-apt-repository 
ppa : tbuntu-sdk-team/ppa 


This command will add the 
official ubuntu-sdk PPA, to allow 
you to easily get the newest 
packages. 


INSTALL THE PACKAGE 


COMMAND 8. CONOUER 


Written by Lucas Westermann 


; sudo apt update §£§ sudo apt 


install ubuntu-sdk 


This command updates the 


The official install page notes 


: that anyone running a 

: development version of 15.10 

j : should ensure their packages are 
SDK in order to make development : all up-to-date, before installing 
: ubuntu-sdk, with a "sudo apt dist- 


: upgrade". 

averse to SDKS, I would imagine its : Fa 

3 LAUNCH THE APPLICATION 
3 ubuntu-sdk 


: Or, just find and click on the sdk 3 
: icon. 


Once the application has 


: launched, youtll want to click on 

: "Create a New Project", or File-s : 
: New File or Project. For the sake of : 
: the Hello World program, Tve ; 
: chosen an HTMLS5 App. If you want : 
: to experiment with anything else, 
: feel free to do so. 


Coding For UDuntu Phones 


: CREATE YOUR PROJECT 


The SDK will first ask you for a 


3 name and a save location. I chose 
: HelloWorld and -/Ubuntu SDK 

: Projects/, but youre welcome to 
: choose anything you want. 


The next page will ask for 


3 personal information - your 
: nickname, full name, email, the app : 
: name, and the framework you ; 
: want to develop for. I chose the 

: ubuntu-sdk-15.04 framework (as I 
: am running 15.04). 


: BUILD TARGETS 


By default, there is only the 
Desktop kit available. So youll 


: need to choose "create new kit", 
: and choose "armhF" if youre 3 
: planning to run it on a phone. Once : 
: you select the architecture, it will 


; prompt you for your password, and 3 doing any actual coding. Instead, I 


: will Focus on running the device 

. : locally, and on the physical device. 

machine (for any reason), or a small : ü 
ÉM : IFyou want to adjust the HTML, 

: partition, make sure you have more : 

: than 10GB dedicated to the hard 


" drive. (Using the Ubuntu base, 


begin installing the kit. Note: IF 


; youre running this in a virtual 
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: updates, the SDK, and the kit 
: install, I ran out of space on my 
; test 10GB partition). 


Note: if you dont want an 


: emulator, and want to run it only 
: on a physical device, you can skip 
: this step. 


: PosrT KIT CREATION 


The wizard then simply asks 


: what Kit(s) you want to use, and 
: asks about version control. I 

: enabled both Desktop and the 

: armhfF kit I just created, and 

3 skipped over the version control. 


: THE HELLO WORLD 
: APPLICATION 


As it turns out, the basic HTML5 


: appis already a Hello World 
: application. As such, we wont be 


3 feel free. 
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COMMAND 8 CONOUER 
DESKTOP 


IFyou look in the lower left oF 
the SDK window (shown below), 
you ll see an image of a Desktop 
(or an Ubuntu logo, depending on 
which kit you selected). Below that 
are two green arrows, and a 
hammer. The first green arrow is 


hammer is "build". The Desktop kit 
is used to run the application 
within Ubuntu, in a separate 
window. So, if you hit the "run" 
button, you should see something 
similar to the below screenshot 
(assuming you used an HTML5 


App). 


Lt LELETET ELETPELET 


Hai 


UBUNTU PHONE 


: (EMULATED) 


In order to run it on an Ubuntu 


: Phone, youll need to create an 
: emulator. To do so, go to Devices, 
: and click the large plus sign. There, : 
: youll need to give it a name 
METÁN éji ji : (without spaces), choose the 
run", the other is "debug", and the : architecture, as well as the Ubuntu ; 
: image you want. I chose ba-stable 
: over devel, since my goalis to test 
: iton a physical bg device later. 


; Once you enter the 

: information, it will prompt you for 
: a password, and then begin 

: creating the emulator. 


y 


VIETTTTTT TT 


Once the emulator is created, 


. simply click on the Icon above the 
: green arrow, and select (with your 
: arrow keys) the kit you want to 

: use. In the case of the example, its : 
: the armhf kit you want. Then 


clicking "run" will launch the 


: emulator, and eventually load the 
: appinto the emulator. 


: UBUNTU PHONE (PHYSICAL) 


The Ubuntu Devices section 


: from the emulated section will also : 

: display any usb connected Ubuntu : 

: devices. However, my Aguaris E4.5. : 

: was not recognized at first. It turns : 

: out! had forgotten to enable ; 

- : developer mode. On the phone, go : 
: toSettings -z About This Phone,  : 

: and then Developer Mode. Make 

: sure there is a green checkmark. 

: Then plug it in. You can check to 

: see ifFits connected properly by 

: running adb devices in the list. Or 

: lsusb (to see if the device is even 

: recognized). It should also appear 

: as an MTP device. Once the 

: physical device is connected, 

: switch to the Ubuntu Devices 

: panel, and ensure its listed here 

: too. Also, make sure its unlocked. 

: IFitisnt, youll see something 

: similar to this in your log: 


arch:error:closed. 
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Once it appears in your Ubuntu 


. Devices panel, it will show a 
: message about frameworks. Just 
: allowit to automatically select a 


framework, and you re done. This 


: will create a new Kit called 

: "Ubuntu Device". In order to build 
: and run your application on the 

: phone, you need to click on the 

: tab/icon for "Projects". There, 

: youll want to click on the button 

: "Add Kit" (just above the hammer 
: icon), and select the Ubuntu 


Device from the menu. 


Helloworld 


Build 8.Run A 


gy 


Welcome 


Once the kit is 
added, you must 
select it (the icon 
above the green 
arrow in the bottom 
left), and run the 
p project. This will 
then open the app 
on your phone. 


Default 


ha 


In order to stop 
the application, click 
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COMMAND 8 CONOUER 


on "Application Output" on the 
bottom of the window. There, you 
can click on a red sguare to stop 
the application from running. IF 
you forget to do so, the Ubuntu 
SDK will warn you about it, and 
offer to force-guit the application. 


El Applicatian output 


WRAP-UP 


That was it for this month. Now 
that we"ve gotten the basics out oF : 


the way (running applications), 
we Il be ready to start 
programming! If you have any 
guestions, reguests, suggestions, 
or just want to say hi, I can be 
reached at 


lswest34--fcm Ogmail.com. 


s Hello World 


Welcome to Ubuntu HTML5! 


The Ubuntu Developer 
documentation is a good starting 
point to learn more about the 
HTML5 platform. 


HTML5 Platform Documentation 
HTML5 API 
The Ubuntu HTML5 platform 
offers plenty of APls. An updated 
listing and documentation can be 


accessed below. 


APIS DOcumentation 


(7) 


Lucas has learned all he knows from 
repeatedly breaking his system, then 
having no other option but to 
EIZESET how to fix it. You can email 
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(o) ubuntu 


The Ubuntu Podcast covers all 
the latest news and issues facing 
Ubuntu Linux users and Free 
Software fans in general. The 
show appeals to the newest user 
and the oldest coder. Our 
discussions cover the 
development of Ubuntu but 
arent overly technical. We are 
lucky enough to have some 
great guests on the show, telling 
us first hand about the latest 
exciting developments they are 
working on, in a way that we can 
all understand! We also talk 
about the Ubuntu community 
and what it gets up to. 


The show is presented by 
members of the UKs Ubuntu 
Linux community. Because it is 
covered by the Ubuntu Code of 
Conductitis suitable for all. 


The show is broadcast live every 
fortnight on a Tuesday evening 


(British time) and is available for 
download the following day. 


podcast.ubuntu-uk.org 
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W elcome fellow pythoners. As ; 
the kids hereinthe central. : 
: also has an Ethernet connection 
: forInternet access. 


parts of the U.S. say, "Whats 
Shakin" Bacon?" Vm not exactly 
sure what thats supposed to 
mean, but I assume its a good 
thing. 


You might notice the new 
header. I decided that Tve taught 
you all the basics of Python that! 


can for "general" programming, so : 
: modern cell phones, and access to 
an HDMI monitor or TV. Eventually, : 
: you should also consider getting a 
: breadboard and some connecting 
: wires for when we start to 

: interface to the outside world. You : 
: can find any number of places that 
: sell the Pi on the Internet. Here in 
: the U.S., we can get them for 

: around $35. 


now we are going to delve into 


using Python to talk to other types 3 


of computers and controllers, like 
the Raspberry Pi and the Arduino 
micro controller. We Il look at 
things like temperature sensors, 
controlling motors, flashing LEDS 
and more. 


This issue we will be focusing 
on what well need to do this and 
focus on a few of the projects we 
will be looking at in the future. 
Next issue, we will start the first 
project. 


One of the things we will talk 
about next time will be the 
Raspberry Pi. The Pi is a credit-card 
sized computer that natively runs 


HOW-TO 


Written by Greg D. Walters 


Linux on an SD card. Its output 
goes to your TV set via HDMI. It 


You can find out more at the 


: official site 

: https://www.raspberrypi.org. IF 

: you want to follow along with the 
: projects, you will need a Pi, SD 

: card, Keyboard, Mouse, a 5volt DC 


power supply like the ones on 


One other thing about the Pi is 


: thatit provides access to a series 

: of pins that support GPIO (General 
: Purpose Input/Output). Basically, 

: this means that you can write 

: programs that will send signals to 
: the output pins and read the 

: signals from the input pins. This 


can be used to interface to things 


Python In The. REAL World 


: like LEDS, sensors, push buttons, 
: etc. Many people have made home ; 
: automation systems, multiple ; 
: processor systems (by linking 40 or ; 
: so Pi computers together to : 
: emulate a supercomputer), 

: weather stations, even drones. So 
: you can imagine that the 

: possibilities are endless. Thats 

: why I decided to start with it for 

: this series of articles. 


After a while, we will begin to 
work with the Arduino, which 


: according to the official website 


: (https://www.arduino.co): "Arduino 3 


: is an open-source electronics 


platform based on easy-to-use 


: hardware and software. Its 
: intended for anyone making 
: interactive projects . 


Once again, this is an exciting 


: device to work with. In this part of. 
: the series, we will look at talking to ; 
: the Arduino, first in its native ; 
: scripting language, and then in 

: Python and eventually interfacing 
: the Pi with the Arduino. 


I know this months article is 
fairly short, but Fve been doing 
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3 poorly health-wise, so Pm saving 


my strength for the next article. 


: Until then, grab some electronics 


and get ready for fun! 


eg 


Greg Walters is owner of RainyDay 
Solutions, LLC, a consulting company 
in Aurora, Colorado, and has been 
programming since 1972. He enjoys 
cooking, hiking, music, and spending 
time with his family. His website is 


ri contents 7 


j 


have a PC with a hard disk of 

TTB, a solid state drive of 250 
GB, and a CD/DVD drive. I want to 
install Windows 10 and four Linux 
distros on it using UEFI and secure 
boot. 


Previously, I had a lot of 
problems when I made a multi- 
boot system with Linux distros, 
because the boot loader (grub2) 
and its directory (/boot/) must be 
shared. The problem is that each 


distro installs a different version of : 
grub2. The result could be that the : 
: partitions in the volume group. 

: These logical partitions are called 
: logical volumes in LVM speak. It is 
: very easy to change the size of 

: logical volumes when needed. 

: Another advantage is that the 

: name of a logical volume can not 
: change, so you can safely address a : 
: logical volume lv in volume group 


PC refuses to boot after a distro 
update due to inconsistencies 
between the updates that the 
distro made in the /boot directory 
and the boot loader installed on 
the hard disk. 


To prevent this I intend to use 
the two-step boot mechanism 


described in article "Howto: GRUB2 
: /dev/hdvgf/lv. 


and multiboot Pt. 4" that was 
published FCMtt88. The central 
boot loader gets a separate 
partition for its data and it will 
allow the user to select a distro 
from a menu. The central boot 
loader will then start the specific 


HOW-TOÓ 


Written byFrank Dennisen 


: boot loader of the selected distro. 
: The specific boot loader has its 

: own partition for its data, and it 

: will show a second menu to the 

: user to select a particular kernel 

: version and eventually extra boot 
: options. The chainloader module 

: of grub2 is used to start another 

: boot loader. 


I also use LVM (Logical Volume 


: Manager) as much as possible. In 
: LVM, one can assign one or more 


physical partitions to a so-called 
volume group, and create logical 


hdvg as /dev/mapper/hdvg-lv or 


l intend to create one volume 


: group "hdvg" on the hard disk for : 
: the volatile data of the distros, and : 
: another one "ssdvg" on the solid 


state drive. I will install Windows 


Both partitions will be on the 


: hard drive as they contain volatile 
: data. 


I will create for each distro: 


e a physical partition on the solid 
: state drive for the specific boot 
: loader (/boot), 


One usually also provides a 
separate partition for the user 
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Multiboot With UEFI, W10 8 Several Distros 


: 10 onthe first half of the hard disk. : 
; : preferred distro (Kubuntu). The 
ú The central boot loader needs a : 
: physical partition (the boot loader 
: does not speak LVM), and I will 

: placeit on the solid state drive. 

: Other partitions that are shared 

: between all distros are: 

: e a physical partition used as swap 
: area, and 

: a a logical volume for temporary 

: files that are erased when Linux 

: starts up (/tmp). 


mount my home directories in the 


other distros are just for 


3 experimenting, so they never 
: contain important data. 


: STEP T: PREPARE FOR THE 
; INSTALLATION OF WINDOWS 
: 10 


Decouple first the solid state 


3 disk from the motherboard to 
: make sure Windows 10 uses only 
: the hard disk. 


Windows 10 is sold in the form 


: ofa USB stick, so plug the stick in 
: one of the USB slots and boot the 
: PC. Enter the BIOS to enable UEFI 
: and secure boot. For my 

: motherboard type, I must press 

. a logical volume on the solid state : 
: drive for the root file system of the ; 
: distro (/), and finally ; 
: a a logical volume for persistent 
: data (/var) on the hard disk. 


the Del key a few times just after 
the PC boots. 


: STEP 2: PREPARE THE BIOS 


The nasty thing is that the 


3 procedure depends on the 


: data (/home), but! will not do that : MOLhérSogra (ee 50 YOU 


; : h i 
because I have a NAS from which I dróbábly have Fő EXBELMÉNE CA 


find the exact settings for your 
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HOWTO - MULTIMODE UEFI 


motherboard. Mine is an ASUS 
A88X-Plus. For this type of 
motherboard, one must enter 
Advanced Mode and then select 
the Boot tab. 


To enable UEFI, go into 
"Compatibility Support Mode" and 
set: 

e "Launch CSM" to Enabled, 

e "Boot Device Control" to "UEFI 
only", 

e "Boot from storage devices" to 
"Both, UEFI First" and 

. "Boot from PCle/PCI expansion 
devices" to "UEFI drive First". 


To enable secure boot, set 
"Secure boot" to "Windows UEFI 
mode". 


Make the USB stick the first 
boot device. I had to select "UEFI: 
KDI-MSFTWindows10". Always 
select the UEFI variant in case you 
have multiple options. Save the 
configuration and exit. 


STEP 3: INSTALL WINDOWS 

The PC reboots now and starts 
with the installation of Windows 
10. 


The installation program 


proposes to divide the hard disk in 
four partitions. I reduced the size 


: ofthe largest partition to 500 
: GByte so I have enough space for 
: the future Linux partitions. 


During the installation, you 


: have to answer a few guestions, 
: but finally vour PC reboots into 
: Windows 10. 


In a multiboot environment, 


: you must disable fast reboot to 
: avoid corruption of your Windows 
: 8, 8.1 or 10 installation. 


Go to the "Control Panel", 


: select System, "Power options," 

: and then "Choose what the power 
: options do". Click on "Change 

: settings that are currently 

: unavailable," and finally remove 

: the tick in front of "Turn on fast 


( / KR! il 


: startup (recommended) ". "Save 
: changes" and reboot your PC. 


Now remove the USB stick with 


the Windows 10 software. 


3 STEP 4: INSTALL KUBUNTU 


Download the iso-image of 


: Kubuntu 14.04 LTS 64-bit, burn it 
: on a DVD, put it in the CD/DVD 


drive, and shutdown the system. 


Reconnect the solid state drive 
to the motherboard and boot the 


: PC. 


Go into BIOS and select the 


: DVD as boot device. I had to select ; 
: "UEFI: P3 TSTST corp CODVDW SH- : 
: 224 DB". Always select the UEFI 
: variantin case you have multiple 
: options. Save the configuration 

: and exit. 


Select first "Start Kubuntu", 


So you now have the choice: 


I will explore the latter option. 


full circle magazine 4102 o 15 


AND LOGICAL VOLUMES IN 


: KUBUNTU LIVE 


Ouit the installation, and 
Kubuntu live is started 
automatically. 


Open now a terminal: you find 


: one under Applications-zSystem as 
: "Terminal Konsole". 


Install gparted with following 


: wait some time until you can select command: 


: your language, and "Install 

: Kubuntu". In step "Disk Setup," 

: choose "Manual" as "Installation 
: Type". 


; sudo apt-get install gparted 


Start gparted: 


; sudo gparted 
; Bummer: the installer does not :; 
: allow to create LVM volume groups : 
: and logical volumes, butit can 

: work with logical volumes if they 
: are created in advance. 


Select the appropriate disk: you 


: should be able to figure out from 

: the sizes which one is the hard disk 
: and which one is the solid state 

: drive. Make sure to remember the 

i : identification (for example: 

: " forget about LVM and create only : 
: physical partitions, or 

: e jump to the Kubuntu live and 

: create the physical partitions and 
: logical volumes there. 


/dev/sda7) of each partition you 


: have created. 


The hard disk already has a 


: partition table. Select the 

: unallocated area and select 

: Partition-zNew to add a new 

: partition: give it a size of 1GB and 


" STEP 5 : CREATE PARTITIONS 


select linux-swap as file system. 
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This partition will be used as swap 
space. Repeat the process to add 
another partition, with file system 
Ivm2pv, that spans the complete 
unallocated area. Press the Apply 
button. 


Note: there is no need to 
format the partitions: let the 
installer do that. 


The SSD drive does not have a 
partition table yet. Select the 
device and select Device-:Create 
Partition Table. Under Advanced, 
change the type from msdos to 
gpt, and Apply. 


Create now 6 partitions: 
s one of 100 Mbyte with file system ; 
ext2 for the central boot loader, 
e four of 1 GByte also with File 
system ext2 for the specific boot 
loaders, and 


that spans the complete 
unallocated area. 


Press the Apply button. Close 


Add the physical partition with 
file system lvm2pv that we just 
created on the hard disk (in my 
case this was called /dev/sdb6) to 
LVM: 


sudo pvcreate /dev/sdb6 


Create the volume group hdvg 


3 and assign the partition to it: 


3 sudo vgereate hdvg /dev/sdb6 


Create logical volume var1 of 


: 30 Gbytein volume group hdvg: 


; sudo lvcreate -n var1 -L 30G 
: hdvg 


In the same way, create logical 


volumes var2, var3 and var4 and a 
: 10 Gbyte logical volume tmp. 


Create now the volume group 


3 ssdvg on the solid state drive, and 


: create four logical volumes root1, 
root2, root3, root4 of 20 GByte 


: each. 


Go back to the installer by 


NNA : pressing "Install Kubuntu" on the 
e a last one with file system lvm2pv : 


: desktop. 
: STEP 6 : RESTART THE 


3 KUBUNTU INSTALLATION 
gparted and return to the terminal. : 


Choose again, "Manual" as 
"Installation Type" in step "Disk 


: Setup". 


Use the central boot partition 


for /boot/central, and the first 
specific boot partition for /boot. In 


3 both cases, select ext2 as the file 
: system. 


Use /dev/ssdvg/root1 as /, 


: /dev/hdvg/var1 as /var, and 

: /dev/hdvg/tmp as /tmp, all with a 
: ext4 file system. Finally use the 

: swap partition as swap space. Let 
: the installer format all partitions. 


Continue with the installation. 


If vou boot directly into 


: WDC WD10EAVS-00D7B1)". 


3 STEP 7 : CONFIGURE LINUX 
TO USE THE SSD 


original version (sudo cp config-file 
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config-file.bak), and add a 
comment with your name and 


: date, and the reason why you 

; made the change to the modified 

: File. In this way you can easily 

; revert changes or find all files that 
; you modified. Use the live DVD to 

: repair in case things go terribly 

: wrong. 


You must reduce as much as 


: possible the number of writes to 
; : your solid state drive to increase 
: Install the boot loader on the solid : 
: state drive and finally your PC will 
: reboot. 


its lifetime. 


The file system, by default, 


: writes the access time of each file 
: : or directory that you read. This 

: Windows, enter the BIOS and make : 
: sure that Ubuntu is the first boot 

: device. I had to select "Ubuntu (P4 


information is almost never used, 


; soitis safe to disable this feature. 
: You should at least do this for the 
: solid state drive, but it does no 

: harmif you do this too for your 
You should now be able to start : 
: up Windows and Kubuntu via the 
: grub menu. 


hard disk as it will make your disk 


; access faster. 


Edit /etc/fstab as root, and add 
"noatime" in the options field 


: (dont forget the comma) of the 
: partitions or logical volumes that 


NYENE : : are onanyofthe disks. 
Note: in this step you will make : 


: some changes to configuration 
: Files. Be very careful doing so: 
: always make a backup file of the 


Example: 


; UUID-8482863b-d04e-40d2-be10- 


£5£3df88b8cd / ext4 
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errorszremount-ro 01 


UUID-f65f£89ac-b2b0-4345-949a- . za 
: /etc/sysctl.conf as root and adding : 


: following lines: 


6965e3513db3 /boot ext2 
defaults 0 2 


becomes: 


UUID-8482863b-d04e-40d2-be10- ! ym.vfs cache pressure-50 


£5£3df88b8cd / ext4 


errorsz-remount-ro, noatime 0 1 : 


UUID-f65f89ac-b2b0-4345-—-949a- : 


6965e3513db3 /boot ext2 
defaults,noatime 0 2 


Verify that vou entered the 
correct syntax by executing: sudo 
mount -a. 


A second modification is to run 
the trim command at boot up time 
and not via a cron job. Edit 
/etc/rc.local as root, and add 
"fstrim -v cpartition:" for each 
partition that is written on the 
solid state drive that is written 
often by this distro. I have added: 


fstrim -v / 
Edit /etc/cron-weekly/fstrim as 


"fstrim-all". Example: 


texec fstrim-all 


In case your cache partition is 


on the solid state drive, you should 


also reduce the number of times 
Linux uses the cache by editing 


: vm. swvappinessz1 


Some applications like Firefox 
and Java write a lot to the home 


: directory. Also this causes 

: unnecessary wear of the solid 

: state drive. For example, google 
: "firefox and ssd" to find 

: instructions to make applications 
: solid-state-drive friendly. 


: STEP 8 : CONFIGURE THE 2- 
: STEP BOOT MENU 


I found my inspiration in article 


: "Howto: GRUB2 and multiboot Pt. 
: 4 that was published in FullCircle 
: 88. Our central boot partition, 

: /boot/central, is the eguivalent of 
: /mnt/GRUBPpart/boot in the article. : 
; Take into account that UEFI 

: reguires a lot of changes to the 


root, and put a hash "in front of : 
; procedure. 


First, add chain loader entries 


3 to /etc/grub.d/40 custom. 


Chain loader entries for use 


; menuentry 3 
set root-"hd0O,msdosl"! : 


menuentry "Kubuntu 14.04 amd64 op /dev/sda9" ( 


insmod part gpt 
insmod chain 
set root-"hd0O, gpt5! 


set prefix-($root) /grub 

configfile $prefix/grub.cíg 

set efi root-!"hd2, gpt2" 

chainloader ($efi root) /EFI/ubuntu/grubx64.efi 


: without UFEFI are very simple. Such : 
: an entry looks as follows: if 
: hdo,msdos1 is the grub name of 
: the partition where you want to 

: jump to (the partition that is 

: mounted on /boot or on / if you 

: have no separate boot partition): 


"Ubuntu!" ( 


chainloader 11 


: Hint: inspect /boot/grub/grub.cfg 
: to Find out how partitions are 

: named by grub. Use the grub shell 
: in case you are in doubt about the 
: correct names: reboot your PC, go 
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A chain loader entry for UEFI is 


: much more complicated. It looks as 
: shown above, if hdoO,gpt5 is the 

: grub name of the partition where 

: you want to jump to (the partition 

: thatis mounted on /boot or on / if 
: you have no separate boot 

: partition), and if hd2,gptis the 


grub name for the EFI partition. 


Note: check and correct the 


3 paths to the different files when 
: you use another distro and/or 
: partition scheme! 


It is probably better to work 


into the BIOS, disable secure boot, :; with the uuid as the hard disk 


: save and exit, and press escape 

: when you see the grub menu. You 
: can now enter commands like dir 
:  (hdo,msdos1)/ to see the contents : 
: of a given partition: this will help 
: you to verify if an assumed grub 
: name is correct. Use the command : 
: reboot to reboot the PC. 


: numbers (hdx) in grub can change 
: ifyou, for example, start up with 

: an USB stick plugged in. Use sudo 
: blkid /dev/sda5 to find the uuid of 
: partition /dev/sda5. The chain 

: loader entry looks now as shown 

: (page after next) at the bottom 

: (dont forget to enter the correct 

. values for the hints to0). 
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Add a chainloader entry 
(previous page, top right) to jump 
to Kubuntu itself and copy the 
entries for "Windows 10" and 
"System Setup" from 
/boot/grub/grub.cfg to 
/etc/grub.d/40. custom. 


Execute: 


sudo update-grub 


reboot, and verify that the new 
entries work. Correct if necessary. 


Prepare the central boot 
directory: 


sudo mkdir /boot/central/efi 


: sudo mount -o bind /boot/efi 
: /boot/central/efi 


: sudo cp ; 
: /boot/efi/EFI/ubuntu/grub.cfg : sudo cp /boot/grub/grub.cfg 


; /boot/efi/EFI/ubuntu/grub.cfg : /boot/central/grub/ 


.bak 


; sudo grub-install /dev/sda ; 
: -boot-directory-/boot/central : 


Make a backup of grub.cfg, 


generate the grub.cfg first for the 
: central boot loader, and 
: afterwards again for Kubuntu. 


3 sudo cp /boot/grub/grub.cfg 
: /boot/grub/grub.cfg.bak 


menuentry "Kubuntu 14.04 amd64 op /dev/sda9" ( 


insmod part gpt 
insmod chain 


set root-!"hd0, gpt5! 
if [ x$feature platform search hint — xy ]; 


then 


cd /etc/grub.d 


. sudo chmod -x $tlinuxt tmemt 
: $proberY tuefir 


; sudo update-grub 


; sudo cp 
: /boot/grub/unicode.pf2 


/boot/central/grub/ 


: sudo chmod tx tlinuxt rmemt 
: sudo chmod -x tcustomt 


sudo update-grub 


central shim. The -d option 
indicates the disk that contains the 


: efi partition, and -p is the number 

; of the efi partition. The efFi 

: partition in my case is /dev/sdb2 so 
: we get: 

3 sudo cp -R 


: /boot/efi/EFI/ubuntu 
: /boot/efi/EFI/central 


; sudo mv 
: /boot/efi/EFI/ubuntu/grub.cfg 


.bak 


; /boot/efi/EFI/ubuntu/grub.cfg 


; sudo rm 
: /boot/efi/EFI/central/grub.cf 


; Prepare the central boot loader 3 
: and create 2 new boot entries, ; 
: called central grub and 


g.bak 


search —-no-floppy —-fs-uuid -——-set-root --hint-bios-hdO,gpt5 --hint-efi-hdO,gpt5 --hint-baremetal-ahci0, gpt5 
£65£89ac-b2b0-4345-949a-6965e3513db3 


else 


search —-—-no-floppy -—-fs-uuid ——set-root £65£f89ac-b2b0-4345-949a-6965e3513db3 


a sr 


set prefix-($root) /grub 
configfile $prefix/grub.cfg 
set efi root-"hd2, gpt2 " 


if [ x$feature platform search hint — xy ]; 


then 


search ——-no-floppy -—-fs-uuid -——set-efi root --hint-bios-hd2,gpt2 --hint-efi-hd2,gpt2 -—-hint- 
baremetal-ahci2, gpt2 EC4E-2E34 


else 


search —-no-floppy -—-fs-uuid -—-—set-efi root EC4E-2E34 


fi 


chainloader ($efi root) /EFI/ubuntu/grubx64.efi 
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sudo efibootmgr -c -1 
WEFIWcentralNvgrubx64 .efi 
-L central grub -d /dev/sdb 


sudo efibootmgr -c -1 
WEFIWcentralVvshimx64.efi 
-L central shim -d /dev/sdb 


Verify the contents of 
/boot/eFi/EFI/central/grub.cfg and 
/boot/eFi/EFl/ubuntu/grub.cfg. 


These files have following content: : 


search.fs uuid 5b686b70-7fdf- : 


495c-afa8-33847392bO6f root 
hd0, gpt1 


set prefix-($root) "/grub" 


configfile $prefix/grub.cfg 
Make sure that uuid and root 

refer to, respectively, the central 

boot partition and the kubuntu 


specific boot partition. Correct if 
necessary. 


STEP 9: INSTALL THE OTHER 
DISTROS 


The next distro I installed was 
secure boot in the BIOS first. 
Installation is similar to the 


installation of the first distro, 
except that vou dont have to 


3 /boot/central, /tmp, and the swap 
: partition, are not formatted again. 


Debian but I was obliged to disable 3 easily switch between Kubuntu, 


: Debian and Windows 10. Enjoy! 


worry anymore about creating files are considered to be insecure 


partitions. Make sure that 


The installers of some distros 


: always format the swap partition. 
: This partition will then get a new 
: uuid. In that case you need to 

: correct the uuid of the swap 

: partition in the /etc/fstab File of 


the other distros. 


Add now a chain loader entry in 3 


: /boot/central/grub/grub.cfg for 

: the new installed distro. Make sure : 
: you use the correct paths: for ; 
: Debian you must replace 

: ubuntu/grubx64.efFi by 

: debian/grubx64.efi. 


Reboot, go in the BIOS, enable 


3 secure boot, and make 
: central shim the default boot 
: loader. 


THE END c 


You should now be able to Frank graduated as a civil engineer, 


mechanical in 1986 and now 
develops software for the big 
Internet routers. He uses Linux at 
home and professionally. He is very 


A last remark: you can not interested to find out how things like 


: combine grub splash images with Linux work under the hood. 


Secure Boot because the image 
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HOW-TO Website With Infrastructure Pt. 3 


Written by John 


j 


N ow that our Linux VM is built 


WHAT EXACTLY IS A WEB 
SERVER? 


A web server is software which 
serves web pages (and potentially 


like videos, packages, ... etc). 


And how does this really 


the "nix family -— means software 
that runs in background (meaning 
there is typically no output on the 
screen, the program runs silently 
without interaction from the user), 
and typically listens on a TCP port 
(more on TCP ports in part 2, 
published last week). 


When a reguest is sent to that 
specific listening port, the daemon 


for a web server, the daemon 
typically sends back a web page. 


WHICH WEB SERVER TO 


: CHOOSE? 
and secure, its time to install : 
the web server. ; 


The most popular web servers 


: are Apache, ngix, Microsoft and 

: Google (list taken from 

: netcraft.com). I am not really 

: familiar with Googless web server 
: offering, and Microsoft is definitely : 
: off the list (try to wonder why!) - so : 
: we get to choose between Apache : 


other files - for example binaries — ; and naix, 


Apache has been around for 


: longer and has the largest market 


? : e ő 
actually work? The web server TUNS : are. Ngix is supposed to be 


as a daemon. "Daemon" - at least in lighter and therefore maybe faster. : 


: .  Ichose Apache for this tutorial — : 
: there is no specific reason why not : 
: ngix, which is also an excellent ; 
: server, other than I personally have : 
: more exposure with Apache ; 
: software in general. 


: INSTALL APACHE WEB 
: SERVER 
wakes up and produces an action — : : 
: — Beforewestart, note that I will. :; 
: also add the commands for ; 
: Centos7. 


; Installing a web server is as easy ; 
; as running this command! 


: sudo apt-get install apache2 : 
: (Centos7 - yum install httpd) : 
: TUNING FIRST 


Make sure to answer Y to 


: continue (or hit enter) 


: server started properly (shown 

: below) - using a web browser, key 
: theIP address of the server (in my 
: example it is 159.203.90.111). 


: CONFIGURATION AND TUNING 3 


Now that Apache is installed, 


: we must tune, configure and 
: secure the web server. 


Typically, tuning is done at the 


: end. Having said this, I personally 
We can now check that the web- : 
: therefore I can end up with a web 
: server thats sluggish - should 
: workload pick up. So letss tune it 


tend to forget about tuning and 


: right now-it w ont have any side 
: effect. 
Edit the file 


Apache2 Ubuntu Default Page 


) n Utuntu 
19 ís derwed. H you 1 
r nu ehould replace this 


neans that the site 
rator 


FTZ yr eractjo bun c 
harhharejdosoathezítExDME, Debian az Refer to ths 
be foundt es manual ! 


The conhauraton igyout for an Apache2 
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/etc/apache2/apache2.conf, and 
add the following at the end of the 
file (for Centosz, its: 
/etc/httpd/conf/httpd.confP): 


sudo vi 
/etc/apache2/apache2. conf 


StartServers 2 

MinSpareServers 6 

MaxSpareServers 12 

MaxClients 80 

MaxReguestsPerChild 3000 
c£/IfModule: 


For these to take effect, save 
the file and restart the Apache 
service with: 


sudo service apache2 restart 
(Centos7: systemctl restart 
httpd) 


What does this all mean? 
e StartServers defines the 
minimum number of child server 
processes created when web 
server starts. 2 works well for me, 
not sure what the default is. 
e MinSpareServers is the minimum 
number of threads waiting for 


the maximum number. Higher the 
number, more load the server can 
handle, however we have to 
balance the values with our server 
resources (1 CPU 8. 512MB oF 


of the default site 
reguests while MaxSpareServers is : 


: Irootdiceberg: /etc/ 
: 1006-default, 


RAM). 6 and 12 work well here. 
e MaxClients is the max number of 


: simultaneous reguests that willbe : 
: served (any additional will be ; 
: gueued). 80 works well here. 
: s MaxReguestsPerChild is the 
: threshold after which a child 
: process will re-spawn. For example, : 
c1fModule mpm prefork module; : as any software, Apache can have ; 
: memory leaks- so restartingthe  : 
: child process after a given number : 
: of reguests served willcleanup : 
: potentially leaked resources. 


3 DISABLE DEFAULT SITE 


It is now time to disable the 


: default site, meaning the page 

: which was served when we keyed 
: in the IP address of the server. 

: Basically we want to do this for ; 
; security and convenience reasons - : 
: when somebody keys in the IP 
: address of my server, I"d rather 
: send the user to my web page then : 
: the default Apache page. 


First we have to find the name 


rootdiceberg: /etc/apache2/sites-enabledt 


apache2/sites-enabledt 1s 


oni 


sudo aldissíte 000-default 


Check the sites-enabled folder — ; 
: itis now gone! ; 


Restart the server (service 


apache2 restart) - basically no 
"site" served anymore, just a folder : 
: browser: 


Index of / 


159.203.90 


5 Index of / 


Name Lastimodiíjed Size Description 


Éj timl  2015-10-05 20-07 


: CREATE OUR SITE 


Our site will be iceberg- 


: tutorial.com (iceberg.com is 

: already taken!), so we will create a 
: configuration file called iceberg- 

: tutorial.conf (note: we could have 
: chosen any name- I just assume  ; 
: that using a configuration filename : 
: with the same name as final site 
: just helps in the long run for 

: maintenance): 


; sudo vi /etc/apache2/sites- 
: available/iceberg- 


: tutorial.conf 


To disable, use: 
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; sudo mkdir 
: /var/www/ iceberg- 
: tutorial/public html/ 


And add all this to the File (in 
Centos7, the folder is: 
/etc/httpd/confF.d) 


; cVirtualHost Y:80- 


ServerAdmin 


: your email(Ghere.com 


ServerName iceberg- 
tutorial.com 
ServerAlias ".iceberg- 


: tutorial.com 


DocumentRoot 


3 /var/www/iceberg- 
: tutorial/public html/ 


ErrorLog 


: /var/www/iceberg- 
: tutorial/1logs/error.1og 


CustomLog 


: /var/www/ iceberg- 

: tutorial/1logs/access.1o0g 
: combined 

: €/VirtualHost: 


What does this all mean? 


: " Apacheis listening on port 80 

: (more below). 

: " ServerName is the name of your 
: website. 

: " DocumentRootis the path where 
: the files of the web server are 

: stored. 

: s ErrorLog defines the path of 

: where error logs are stored. 


We have therefore to create the 


3 path to these folders: 


gyi 5 
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sudo mkdir -p 
/var/www/ iceberg- 
tutorial/logs 


And also make sure these 
folders and files can be read: 


sudo chmod -R 755 /var/www 


And finally enable the site: 


sudo aZensíte iceberg- 
tutorial.conf 


If we try to access the website, 
well get this - this is expected 
behavior since there are no files 
(we created only the folders): 


159.203.90.111 
Index of / 


Name Last modified Size Description 


By default, Apache is looking 
for a file called index.html - lets 
create one: 


sudo vi /var/www/iceberg- 
tutorial/public html/index.ht 
ml 


Key in, for example, Hello 
there", then close and save. 


Refresh the page, you should now 


. see something like this: 


Hello there! 


: OUICK NOTES ABOUT TCP 
: PORTS 


We already spoke about TCP 


3 ports in the previous article. A 
forma "AMNON open is nmap. To scan the First 
; 1000 ports, type: 


great tool to check what ports are 


; sudo nmap localhost 


5 and you will see which ports are 
: open. 


We can see here that 22 (SSH) 


and 80 (http) are open- which is 
: expected. 


To scan other port ranges, you 


5 can use the -p option (ex: nmap -p 
: 2000-3000 localhost). 


: VIRTUAL SITES 


It is possible to host several 


. sites on the same server. Since the 
: server has a unigue IP address, the : 
: originating URL will help Apache 
: goto the right site - in other 

: words, serve the pages from the 
: correct folder. 


So we can have several 


3 configuration files in the folder 
: /etc/apache2/sites-available/ 


For example (remember that 


; iceberg-tutorial.conf 


. DocumentRoot 


: /var/www/iceberg- 
: tutorial/public htm1l/ ... 


: wnatever-site.conf 


. DocumentRoot 


; /var/www/whatever— 
: site/public htm1/ ... 


If the originating URL is 
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SECURITY 


What would a web server setup 


: be without security? It would 

: probably be like leaving your car in 
: the garage with the keys on the 

: ignition — somebody may steal the 
: caror not. Maybe its not a great 

: analogy, but vou probably got the 
: point! 


Apache is open source 


i k : software, therefore it is very easy 
: for maintenance reasons, the name : 


: of the folder is the name of the 
: URL itself): 


to add modules and there are a 


: bunch of security modules 
: available. 


Remember however that 


: security is not foolproof -itis only 
: a mitigating factor— so you must 

: pro-actively check the system logs 
: fForintrusions or attempts of 

: intrusion. Let"s make another 

: analogy -its like vou purchased 

: that outstanding vault. Breaking 


; ; : : into that vault will be difficult, but 
: www.iceberg-tutorial.com, Apache 


: will serve the pages from 

: /var/www/iceberg- 

: tutorial/public html[/, while, if the 
: originating URL is www.whatever- 
: Site.com, Apache will serve the 

: pages from /var/www/whatever- 

: Site/public htm[/ 


: iFan attacker has enough time and 
: the right skills, he could potentially 
: break inside. Same here — check 

: freguently your system logs (more 
: in the howto article on that). 


: OUT OF THE BOX SECURITY 


By "out of the box" is meant 
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that no download is reguired - just 
add all below to the end of the file 
/etc/apache2/apache2.conf: 


ServerTokens Prod 
ServerSignature Off 


FileETag None 
TraceEnable off 
Timeout 60 


SDirectory /: 
Options None 
AllowOverride None 
Order deny, allow 


cXxLimitExcept GET POST 
HEAD: 

deny from all 

£/LimitExcept: 
£/Directoryz 


LoadModule headers module 
headers.so 


Header edit Set-Cookie "(.t)$ 
$1; HttpOnly; Secure 


Header always append X-Frame- 
Options SAMEORIGIN 


Ouick comments what all this 
means 
e ServerTokens and 
ServerSignature will not disclose 
the Apache version (signature of 
web server will be just Apache). 
This avoids giving an attacker 
information regarding specific 
exploits available for your version 
(eg: just making this up -— version 


1.4.2 has the XXX known 
vulnerability). 


: e TraceEnabled doesntt allow 

3 debugging (additional trace) and 

: TimeOutis probably self 

: explanatory! 

: e The Directory directive adds 

3 restrictions on root folder. 

: a As explained earlier, Apache can 

3 easily be enhanced with modules. 

: Here we ask Apache to load the 

: headers module, which will be 

: used in the 2 commands below 

: (Header Edits ... and Header 

: always ...) in order to block XSS or 
3 using iFrames attacks. Il am not an 

: expert on these topics -— my 

: recommendation is copy-paste the 
/usr/lib/apache2/modules/mod : entire line (Header Edits ... and 

3 Header always ...) into Google for 
: more details. 


: ADDITIONAL SECURITY — 
: MODULE MODSECURITY FOR 
: APACHE 


Extremely popular for Apache 


: servers (and maybe others), 

: ModSecurity is a must-have 

: module. Note this is not 

: mandatory, however I highly 

: recommend installing it (its free 

: and it adds security — so why not?). 


Once ModSecurity is installed, it 
doesnt do anything out of the box 


3 - you must turn on what options 
: you need. To make things easier, 
; common rules (also called CRS - 

: Core Set Rules) are available and 
; just need to be turned on. 


There are many websites with 


all the instructions on how to 

: install ModSecurity and turn on 

: CRS - for all step-by-step 

: instructions, please follow the link 
: below (there are many other ; 
: tutorials available online on how-to : 
: proceed): 

: https://www.digitalocean.com/co 
: mmunity/tutorials/how-to-set-up- 
; modsecurity-with-apache-on- 

: ubuntu-14-04-and-debian-8 


: CLEANUP AND SOME 
: STATISTICS 


; The folder /var/www/iceberg- 
: tutorial/logs will start Filling up 
with logs: 


rootgiceberg ar w/i1ceberg-tu 


Check out access.109- you 


; should see the IP address from 
: which you have accessed the web 


server (meaning the IP address of 
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where the browser ran) — cool 


. stuff, isnt it? 


We can now also run statistics — 


: what pages were open, IP source, 

: browser info, ... etc. OF course, you 
: can use Google analytics; however 
: as a pure geek, I personally 

: enjoyed browsing the web logs to 

: get my own stats. 


Note that the log file size will 


Ö continue increasing — so we must 
: clean it up. This very small script 


(shown on the next page) will count 


: all unigue access to the web server 
: and then compress the log. Its a 

: bashjob, alllines starting with st 

: are comments. Once the script is 

: created, you can add the script to a 
: cron job to run daily: 


: FINAL NOTE — WEBSITE 
: REGISTRATION AND DNS 


Once the web server is set up 


3 and pages ready, you will probably 
: register a website name - it is 

3 easier to remember www.iceberg- 
: tutorial.com rather than 

: 159.203.90.111. 


In order to do this, find your 


: favorite website registrar online, 


and follow all the steps (you Il have 


rni contents 5 


HOWTO - WEBSITE WITH INFRASTRUCTURE 


to pay something - usually its 
around $15 for one year). 


You will then have to also set up 3 


a DNS entry at Digital Ocean - this 
is the link which controls where 
the browser will jump to — when 
anyone tries to access 
www.iceberg-tutorial.com (no 
additional charge - free at last!). 


All information on theses steps 
is very well explained here: 
https://www.digitalocean.com/co 
mmunity/tutorials/how-to-set-up- 
a-host-name-with-digitalocean 


I hope you have enjoyed these 
articles and that you will create 
your own website, from scratch! 


t!/bin/bash 
cd /var/www/iceberg-tutorial/logs 
t Get the current date in format YYYY-MM-DD 
MYDATE-$ (date t4t23Y-$m-$d) 
tGet some stats 
Do not count any bot (grep -v bot) 
Do not count any internal IP V6 access "::1" 


Do not count me grep -v 159.203.90.111 


Sort all IPs 
Keep only unig IPs 


Count them and add to file using ££ (which means "append"). Caution : would mean 


tt 

tt 

th 

t Print 1st field (that is the IP addresses 
ht 

tt 

tt 

"overwrite" 


t ---5 The file statistics.txt will keep for each day the total number of unigue IP 
addresses which have accessed the web site 


RESULT-$(cat access.1log I grep -v -i "bot" I grep -v "::1" I grep -v 159.203.90.111 I 
gawk "íprint $1)" ] sort I] unig I] we -1) 


echo $MYDATE " " $RESULT 55 statistics.txt 

$H Compress the log 

cat access.log ] xz : access  S$MYDATE.xz 

t Truncate the file (basically it is like rm file €€§ touch file) 


:5access.1log 
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Ubuntu-Based Minimal Install 


Written by Curtis Patranella 


he best way to be secure on 
your computer is to control 


control, I would suggest starting 
oFff with an Ubuntu Minimal Install 
and build upon that. 


Il chose Ubuntu because it (and 
its derivatives... like LinuxMint) is 
(in my opinion) the most user- 


very easy to get support from the 
forums; the repositories contain 
most of the useful software; new 


you can install via .deb files (akin 
to M$ .exe/.msi Files); you can 
easily create the flavor you want, 
AND they offer a Minimal Install 


disk containing a very base system 3 


you can build on. 


is reguired to boot and use the 
base system. There are no music 
players, office suites, picture 
viewers, etc... Heck, there isnt 
even a desktop or graphical login. 
It is command-line only. 
HOWEVER, this can EASILY be 
changed. You add what you want. 


: itall together as a tbuntu Minimal 
: Install Guide. Why the "" in front 

: oF"buntu"? Because you can turn 

: the Minimal Install into any flavor 

: oF"buntu" you want. You can 

: create a "homebrew", Xubuntu, 


j ; ; .  § Lubuntu, Kubuntu, Openbox, etc. 
friendly Linux distro out there. It is : 


: showyou how to do a Minimal 
: Xubuntu Install. IFyou want 

repositories/PPAs are easy to add; ; something else, this guide will still. : 
: use Unetbootin to create a 


bootable USB thumbdrive. 


3 be of use to you, and then you can 
; alter what I have listed below in 
: the customization section. 


: From here: 
: https: 

The Minimal Install does not put : 
ANYTHING on the disk except what : 


3 packages on Mini.iso (Ubuntu 
: 15.04) here: 
: http://packages.ubuntu.com/vivid; : 


3 ubuntu-minimal 


I have spent a very long time 


it out, etc, and have decided to put : 


For this guide, Il am going to 


You can download the Mini ISO 


help.ubuntu.com/communi : 


ty/Installation/MinimalCD 


Get a list and description of the : 


To see what packages are 
included as the Depends for 


: Xubuntu, you can use this 
: compiling this information, testing : "ommand: 
what is installed on it. For the most : 


: apt-cache show xubuntu- 
: desktop ] grep "Recommends" 


and choose "Install". Note: the 


apt-cache show xubuntu- 


; desktop ] grep "Depends" 


To see what packages are used 


: as Recommends for Xubuntu, you 
: can use this command: 


: CREATING THE BASE SYSTEM :; 


Either burn the ISO to disk, or 


Make sure your computer is 


3 connected to the Internet via an 
: Ethernet cable. 


Choose your language, 


3 territory, and keyboard layout at 
: the prompts. 


Name your computer. 


Choose the Mirror (simply 


: select your country if possible). 


Set proxy (or leave blank if none 


: are needed). 


This is a net install, so it will 
then begin downloading 


components to install. 


Fill in the name you want to 


: use. 


Choose your username. For 


: Security purposes, you can choose 


: a username other than your first 


Boot to the minimal install disk 3 


"Tab" key will cycle through 


: answers, and "Enter" will select the i 
: answer you have highlighted. In 


some areas, you can use the 


: left/right arrow keys to choose 
: between "Yes", "No", and "Go 
: Back". 
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name. Think about it, half of 


: logging into your computer is 
: knowing the username. The other 


half, of course, is knowing the 


: password. 


Choose your password. I like to 


: make my passwords something I 
: can remember, but are not easy to 


guess or emulate. For example, I 
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might pick a phrase like: "I hate 
Mondays", but will change it so 
that, even if someone knows you 
hate Mondays, they will have a 


hard time figuring out how you did 3 


your password. "I hate Mondays" 
can turn into "Iho3mondez". This 
way you are using (no repeat) 
numbers, letters, ssmbols, and 
capitalization for your password. 


You are then given a choice to 
encrypt your Home directory. I 


boots to a live CD on your system; 
takes your drive; etc. they will not 
be able to access your files in your 


Home Folder without finding a way : 
confirm the changes to be made. 


to decrypt it. 


Confirm or change your 
timezone. 


NOTE: At this point, prior to 
moving on, you may remove your 
USB thumbdrive. The reason you 
may wish to do this, is because 
there are occasions in which Grub 
gets written to the thumbdrive 
instead of the hard drive. IF you hit 
enter and moved on to "Partition 
Disks", you can "Go Back" to the 
timezone, remove your USB 
thumbdrive, and proceed. IF you 


USB thumbdrive still connected, 


and Grub was written to the USB 
thumbdrive... dont worry, it is an 


: easy fix that will be listed in 


"Troubleshooting" at the end of 
this Guide. 


"Guided - use entire disk and set 


: up encrypted LVM". This will 

: encrypt the installation and 

: reguire a passphrase in order to 
: bootthe computer. 

would say yes... this way, if anyone : 


You will then be asked to 


: change or confirm the amount to 
: use for the guided partition. I 

: would just select continue (unless 
: you have other plans). 


You will then be asked to 


3 confirm the changes to be made. 
continued the installation with the 


You will now need to choose 


how you want to manage upgrades 
to the system. I would NOT choose 


: Landscape. Landscapeis a 

: proprietary web service. I generally : 
: choose "nstall security updates ; 
: automatically", butyou dont have :; 
; Partition Disks: Unless you have : 
: other plans, I would choose ; 


to. 


skip it (choose "Continue"), and 


: move on. 


USB thumbdrive (if you did not 


: remove it), and choose "yes". IF it 
: accidentally writes to the USB 

: thumbdrive, we can fixitin the 

: troubleshooting section. 


You will then be asked to 


3 confirm the UTC clock settings. 


You will then be prompted to 


: remove any installation media and : 
: reboot. 


CUSTOMIZING THE 


INSTALLATION 
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Here is where we are going to 


3 make your system shine the way 
you want it. Here you can create 


the desktop you want with the 


; programs you want. As stated 
: earlier, I will be setting up a 
:  Minimal Xubuntu system. You can 
: alterthis as you get to the 
3 Next, you will be asked to make 3 EÉSÉKeiKA kás öFthié 
: a software selection. Here you can : 
: choose to install a full system, 
: server, etc. The idea here is to do 
: aninstall that you fully control, so 
; DO NOT SELECT ANYTHING. Just 
; It will then ask you to select the : 
: disk (usually there is only one 
: choice... unless you left in your USB : 
thumbstick). You willthen need to : 


: customization. 


After rebooting, You will be 


: brought to the commandt-line login 
: prompt. Putin your credentials 

: and login. At this point you have a 
: couple of options on how you wish 


You will then be asked to install 3 kör précsed 


: the Grub Boot Loader to the MBR. 
: Make sure it does not write to the 
; IF you chose encrypted LVM, you : 
: will now need to provide a : 
: passphrase. I would do this in a 
: similar fashion as I suggested 

: above with the password. 


You can: 


: s Hand-typein all of the 

: commands. 

: e Run a script. (I will provide a way 
: foryou to get a script in the script 
: section). 

3 e Copy and paste the commands. 


NOTE: your best bet is to use a 


3 pre-made script (discussed in the 
: Script section). 


The problem with options "2" 


: and "3" above, is that you have no 
: ability at this point to access a text 
: file or script. In order to do this, 

" you are going to have to mount a 
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USB thumbdrive. The trick at this 

point though is... it will not auto- 

mount. No worries. IF you want to 
mount a USB thumbdrive, do the 

following: 


Plug in the USB thumbdrive. 


Type in the command: 


sudo fdisk -1 


NOTE: You are looking for a 
partition like "/dev/sdb1", 
remember what it is called (most 
likely "/dev/sdb1"). 


Create a mount point: sudo 
mkdir /media/usb 


Mount the USB thumbdirve: 


sudo mount /dev/sdb1 
/media/usb 


Change to the USB directory: 


cd /media/usb 


You can now list the files 
contained there by typing in: Is 


You can now run any "sh" script 
with the command: sh filename.sh 
(replacing "filename" with the 
name of your .sh file. 


IF you choose the copy/paste 
method, you may run into some 


issues... however, "nano" is 

: installed by default. To edit a text 
: File, you would use the command 
: "nano filename" (without the 

; guotes, replacing "filename" with 
; the name of the file). 


When you are done with the 


: sudo umount /media/usb 


Here is the step-by-step 


3 commands we are going to use 
: (refer to the Script section for 
: automating this process): 


NOTE: There are a couple of 


: ways you can install from the 

: command-line. Each one has its 

: lovers and haters. Each one hasits 
: perks and disadvantages. They are : 
: as follows: ; 


; sudo apt-get install --— 
: install-recommends 
: packagename 


sudo apt-get install -—-no- 
install-recommends 


. packagename 


I apt-cache show packagename 


; sudo apt-get install 
: packagename 


This is the standard method of 


3 installing packages, suggested 
: packages will be listed, but not 
: installed. 


For this guide, Il am going to 


: CUSTOMIZING THE SYSTEM 
: (PART 1) 


: This installs a package and all of : 
: its recommends. This may install a 
: large amount of files, some of 


: which you may not need. 


less computer resources), etc. I am 
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choosing these packages due to 


. functionality, small footprint, 
: customization abilities, and 


This installs the bare essentials 3 security. 


: ofa package. Itis alighterinstall,  : 
: butthe program may not have the 3 
: Functionality you expect. Youcan : 
: see what reguirements or 

: recommends a package may be 


; : : missing by using the command: 
: USB thumbstick, you can unmount : 


: itwith the command: 


The Beginning: 
The First thing we need to do is 


5 update the Repositories with the 
: command: 


: sudo apt-get -y -—-force-yes 
: update §€§§ sudo apt-get -y -—-— 
: force-yes upgrade 


The second thing we need to do 


3 is install the Depends. 


Warning (1): I ran into a few 


3 issues during test installs. I believe 
: lnarrowed down the problems. 
: One of the problems was that the 


fo. . package "ubuntu-extras-keyring" 
: simply use this command (for most : 


: things): sudo apt-get install 
: packagename 


: could not be found. Watch for this 
: while running a script, as it will 
: cause an error where the Depends 


3 : will notinstall. I read a few posts 
IFyou wish to do otherwise, you : 


: : saying that "ubuntu-extras- 
: are free to do so. k 58403 


: keyring" has been removed from 
: the core install. It is listed in the 
: Depends below, but it might be 
: advisable to remove it from the 
: install (I removed it in the Scripts 


The packages you decide to use : section below). 


3 can be based upon your desire for 
: security, minimal footprint (uses 


Warning (2): Another issue I 


: had was related to policykit-1 and 
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dpkg. ! believe I resolved it by 
adding "policykit-1" to the 
Depends install (which was not 
listed in the official, original list oF 
Depend5). 


It is my understanding that you 


1: 


METHOD 1: (NOT TESTED, 
BUT SHOULD WORK) 


Type in the command: 


sudo apt-get install -—-—no- 
install-recommends xubuntu- 
desktop 


This supposedly installs only 
the Xubuntu Desktop (you can 
substitute "ubuntu-desktop" or 
"ubuntu-desktop" for "xubuntu- 
desktop") 


METHOD 2: (THE ONE I 
TESTED AND KNOW WORKS) 


First, let"s install Policykit 1 to 
make everything else work more 
smoothly: 


sudo apt-get install 
policykit-1 


To install the Depends, Type the 


. Command: 


; sudo apt-get install alsa- 
: base alsa-utils anacron bc 
: ca-certificates dmz-cursor- 
: theme doc-base foomatic-db- 
: comressed-ppds genisoimage 
can install the Depends a couple of : 
ways, but I have not tested Method : 


: selector-gnome libasound2-— 

: plugins libpam-systemd 

: libsas12-modules libxp6 

: memtest86t openprinting-ppds 
: pnutils printer-driver-— 

: pnmgppa rfkill software- 

: properties-gtk ubuntu- 

: dvivers-common ubuntu-extras- : 
: keyring update-manager 

: wireless-tools wpasupplicant 
: xdg-user-dirs xdg-user-dirs- 
: gtk xkb-data xorg zenity 


ghostscript-x gtk2-engines- 
pixbuf inputattach language- 


My suggestion is that you 


: actually use all of the Depends 

: (except "ubuntu-extras-keyring")... 
: butifyou feelyou can leave some 
: out, so beit. 


: THE RECOMMENDS 


How you want to handle the 


: Recommends is up to you, but! 
: think there is guite a bit of room to : 
: trim the fat here (which I already 
: have done to a degree). In the list 
: below, I removed Recommended 
: Packages (like "abiword", 

: "gnumeric", etc), and moved others : 


(like "catfish", and "blueman", etc) 


to another section, to make it 
easier for you to have a system 


: thatis 10096 bare-bones if you 
: wantit, or full of every bell and 
: whistle you desire. 


: grief (ifyou decide you want them, : 
: thatss cool too). 


: BASIC RECOMMENDS 


Note: I added gdebi, aptitude, 


and synaptic to this list for better 
: package support. 


: sudo apt-get install acpi- 

: support app-install-data- 

: partner apport-gtk apt- 

: offline avahi-autoipd avahi- 
: daemon desktop-file-utils : 
: gdebi gvfs-backends gvfs-fíuse : 
: im-config kerneloops-daemon 
: laptop-detect libnotify-bin 
: libnss-mdns libpam-gnome- 

: keyring libxfce4ui-utils 

: policykit-desktop-privileges 
: pemciautils aptitude synaptic : 
: software-center update- 

: notifier whoopsie xcursor-— 
: themes xdg-utils 


full circle magazine 4102 o 28 


OTHER RECOMMENDS 


; sudo apt-get install espeak 
: fonts-droid fonts-liberation 
: fonts-opensymbol gcc speech- 
: dispatcher ttf-ubuntu-font- 
: family light-locker light- 

: — Ihave divided the Recommends ; J9cker-settings make mugshot 
: into what I believe are your Basic 
: Recommends and your Other 

: Recommends. The Basic 

: Recommends will provide the 

: functionality vou may be used to, 
: and the Other Recommends can 


: probably be left out without much : 


: kubuntu-community-wallpapers 
: kubuntu-docs xubuntu-icon- 
: theme 


Note: You can use 


: "xscreensaver xscreensaver-gl- 
; extra xscreensaver-data-extra 


xscreensaver-screensaver-bsod" 
instead of "light-locker light-locker- 


: settings" which is lightdm 
; dependent. 


: SUMMARY SO FAR 


At this point, you will have a 


: command-line OS installed on your 
: system. There are no programs to 

: speak of... no browser, no PDF 

: viewer, no text program (aside 

: from Nano), etc. 


; IMPROVING THE SYSTEM 


This is the point in which we will 


: turn a very, very basic system into 
: our workhorse. Keep in mind that 

: you can alter most of the program 
: options I list below. For example, 

. instead of using xfce4-terminal for 
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your terminal, you can use xterm, 
and so on. 


Most of the items below are 
optional, install only what you 
believe you want and will use. Il am 
simply providing enough 
information so that people can 


build a fully functional system that ; Plug-ins: 


they are generally accustomed to, 
without the bloat of alot of 
programs they won t use. 


To Compile and Install from 
Source: 


sudo apt-get install build- 
essential checkinstall cvs 
subversion git-core mercurial 
automake autoconf libtool 
pkg-config libcurl4-openss1- 
dev intltool libxml2-dev 
libgtk2.0-dev libnotify-dev 
libglib2.0-dev libevent-dev 
gec 


Install Archive Management: 


sudo apt-get install unace 
rar unrar p7zip p7zip-fíull 
p/7zip-rar sharutils uudeview 
mpack arj cabextract file- 
roller unzip zip 


Install a Terminal: 


sudo apt-get install xfce4- 
terminal pastebinit 


Install a Desktop Environment: 


sudo apt-get install fonts- 
dejavu-core fonts-Íreefont- 


: ttf£ xfce4-appfinder xfce4- 

: notifyd xfce4-panel xfce4- 

: session xfce4-settings 

: kfdesktop4 xíwm4 xubuntu- 

: artw hork xubuntu-default- 

: settings xfce4-power-manager 


Install Desktop Environment 


: sudo apt-get install xfce4- 
: epugraph-plugin xfce4-dict 
: xkfce4-indicator-plugin xfce4- : 
: mailwatch-plugin xfce4- ; 
: netload-plugin xfce4-notes- 
: pIlugin xfce4-places-plugin 
: kfce4-guicklauncher-plugin 
: xfce4-sereenshooter xfce4- 
: ssstemload-plugin xfce4- 

: taskmanager xfce4-verve- 

: plugin xfce4-volumed xfce4- 
:  wather-plugin xfce4- ; 
: wiiskermenu-plugin xfce4-xkb- : 
: plugin indicator-application 
: indicator-messages indicator-— : 
: power indicator-sound § 


Install File Management: 


: sudo apt-get install catfish 
: gigolo thunar thunar-volman 
: tumbler thunar—archive-plugin : 
: thunar-media-tags-plugin : 
: menulibre 


; sudo apt-get install lightdm 
: lightdm-gtk-greeter 


Install Print Capabilities: 


: sudo apt-get install cups 

: cups-bsd cups-client cups- 

: filters printer-driver-c2esp 
: printer-driver-foolZzjs 

: printer-driver—-min12xxw 

: printer-driver-ptouch j 
: printer-driver-pxljr printer- : 
: drviver-sag-gdi printer- 

: dvyiver-splix simple-scan 

: ssstem-config-printer-gnome 
: hplip 


Install Bluetooth: 


; sudo apt-get install blueman 
: bluez bluez-alsa bluez-cups 


Install Networking Tools: 


: sudo apt-get install network- : 
: manager-gnome network- 
manager-pptp network-manager- : 


: forked from TrueCrypt. There is 

: also a nice password vault called 

: Keypass2. IF you are interested in 
: these programs, you will want to 
: add the following PPAss: 


: pptp-gnome 


Enhance Sound Capabilities: 


: sudo apt-get install 

: gstreamer0.10-plugins-base- A 
: apps gstreamer0.10-pulseaudio : 
: pavucontrol 


Install Basic Utilities: 


: sudo apt-get install gnome- 
Install a Desktop Manager (for a JEE a 


3 Graphical Logon): 


Install a Browser: 
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sudo apt-get install firefox 
firefox-1locale-en xul-ext- 


. ubufox 


NOTE: IF you want to watch 


: Netflix, you will need to install 
: Chromium (or Google Chrome) 


: sudo apt-get install 
: ehromium-browser 


Install Conky: 


; sudo apt-get install conky- 
: all cur1l 1m-sensors hddtemp 


IFyou have a laptop, you may be 


: interested in enhanced power 
: management via TLP. You may also 


be interested in a great encryption 


: program called VeraCrypt that was 


: sudo apt-add-repository -y 
: ppa:linrunner/t1p 


; sudo add-apt-repository 
: ppa:unit193/encryption 


; 8 ; sudo apt-add-repository 
: ssstem-tools gtk-theme-config 


j : ppa:jtaylor/keepass 
: gucharmap ű 


You will then want to update 


the repositories: 


ri contents 5 


HOWTO - UBUNTU-BASED MINIMAL INSTALL 


sudo apt-get -y -—-force-yes 
update §§ sudo apt-get -y —-— 
force-yes upgrade 


Install Basic Applications: 


NOTE: The following 
applications cover security, 
encryption, passwords, basic 
functionality, etc. 


sudo apt-get install gnome- 
calculator rsync grsync 
seahorse gufw parcellite 


unetbootin extlinux filezilla : 


veracrypt leafpad xfburn 
gparted gmountiso keepass2 
deluge tlp tlp-rdw 


Install Other Applications: 


sudo apt-get install mousepad : 
libreoffice-calc libreoffice- : 


pdfimport libreoffice-writer 
libreoffice-gtk pinta vlc 
evince ristretto orage 
thunderbird 


Install Media Codecs, DVD 
Playback, and (if you desire) Java 
and Flash: 


NOTE: A lot of this can be done 
via installing "ubuntu-restricted- 
extras", but I wanted to give you 
more control. 


sudo apt-get install 
flashplugin-installer 


: openjdk-—-8-jdk ffmpeg 

: gstreamer0.10-plugins-bad 

: lame libdvdread4 libavcodec- 
: extra gstreamer0.10-fluendo- 
: m3 gstreamer0.10-plugins- 3 
: ugly gstreamerl1.0- -£luendo-mp3 — 

: gstreamer1.0-1libav 

: gstreamer1.0-plugins-bad 

: gstreamer1.0-plugins-ugly 

: libavcodec-ffmpeg-extra56 

: gstreamer0 . 10-plugins-bad- 

: multiverse libav-tools 

: cehromium—-codecs-ffmpeg-extra 
: oxidegt—-codecs-extra 


Note: as an option you can also 


3 install M$ Core Fonts via: 


; sudo apt-get install ttf- 
: mscorefonts-installer 


Clean Up the System: 


; sudo apt-get autoclean €§6§ 
: sudo apt-get clean §£§ sudo 
: apt-get autoremove 


: REBOOT THE SYSTEM 


After Reboot, you can then 


: make some final configurations 
; and enjoy your system. 


: SUMMARY SO FAR 


You now have a full-fledged, 


on to some last minute tweaks and 


customization. Once you are 
booted up to your nice, new 


: desktop, you will need to open the : 
: terminal and then we can finish up. 


Enable DVD Playback: 


sudo : 
: /usr/share/doc/libdvdread4/in : 
: stall-css.sh i 


Start TLP for Laptops: 


: sudo tlp start 


Make a Directory for Adding 


3 Fonts: (Just place new fonts in this ő 
: folder and they will be available to 


: you) 


; mkdir -/.fonts 


Create a Directory for Source 


: Compiling: 


; sudo chown $USER 
: /usr/1local/src 


; sudo chmod utrwx 
: /usr/1local/src 


Copy Files: 


NOTE: You will want to edit the 


ö copied .conkyrc file, not the 
: original. 


: working system. We can now move ; 
:" ep /etc/conky/conky.conf 


"/ .conkyrc 
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: http: 
: g settings.html 


: http: 
: bles.html 


Activate Sensors for Conky: 


: sudo sensors-detect 
: sudo service kmod start 


; sudo chmod uts 
: /usr/sbin/hddtemp 


You can get a list of all installed 


: packages by using: 


; dpkg --get-selections - 
: v/Downloads/list.txt 


Edit Conky: 


NOTE: There are a lot of 


interesting scripts you can find on 
: the Internet. Find information at 
: the following links: 


conky.sourceforge.net/confi 


conky.sourceforge.net/varia 


; leafpad -r/.conkyrc 


Thats it, were done. Enjoy! 


: TROUBLESHOOTING 


Things rarely go 10096 smooth 


3 and easy. If you run into a few 
: problems that may occur during 
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installation, hopefully these tips 
can help you out. 


Grub on the USB thumbdrive and 
now you cannot boot into Linux. 


Solution: Plug your USB 
thumbdrive back in, boot the 
computer, and then remove the 
USB thumbdrive. 


Open a Terminal: 


sudo grub-install /dev/sda 


Reboot the computer and all 
should be well. 


Problem: You are booting to a 
black screen. 


Solution: Boot to Grub (hold 


"Shift" while booting), press "e" for 3 


Edit. Add "nomodeset" (no 
guotation marks) before "guiet 
splash" and then press F10. It 
should then boot to the initial 
command prompt. If it is still doing 
it after vou have completed 
installing vour system, you will 
need to correct drivers or 
permanently edit Grub. 


Problem: When you unplug your 
wired Ethernet cable, the 


computer takes a long time to 
boot due to a "locating network" 


: issue and/or you have no Internet : 
Problem: You accidently installed : ; 
: cable) even though the wireless 
: seems to be connected. 


(after removing the Ethernet 


Solution: This can be fixed by 
I doing the following: 


; sudo leafpad 
: /etc/netw ork/interfaces 


Comment out (3) all of the 


3 items except "auto lo" and "iface lo 3 
: inet lbopback" ; 


Reboot... This should resolve 


the issue. 


: SCRIPTS 


Even though! have an IT 
background, I am an extreme noob 


: when it comes to writing Linux 
: scripts. Bash/SH Scripts are akin to : 
: M$ Batch Files. The pound 

: sign/hashtag (tt) is used for 
: comments. 


Below I will show you how to 


: create an Installation Script to 

: make your life easier when 

: installing your system. You can 

: create a file called [whatever you 


wantl.sh and copy the text into the 


file and save it. Be careful to insure 
that the format of your .sh file 
resembles my text. 


NOTE: I would choose a name 


NOTE: There are (Im guessing) 


: millions of people better at writing ; 
: scripts than me, and if you are one 
: of them, PLEASE write a better 

: one. The only issues I have had 

: with mine are: 

: s Sometimes, not everything 

: installs (probably due to me 

: putting in an errant "return", etc). 
: One solution I have found is to 

: break the script down into several 
: batches of installations instead of 
: a huge installation segment. 

: Breaking the scripts into many 

: pieces also comes in handy when 

: troubleshooting during an Install. 
: s Sometimes I put the cart before 

: the horse, and some things cannot 
: occur because the prereguisites 

: Were not met. I solved this by 

: breaking my scripts down into 


multiple scripts, so that you can 
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launch each script after the 


prereguisites are done (like 
: needing to reboot). 
: e l cannot automate everything 
: : (like inserting text into a specific 
: thatis a single word or hyphenated : 
: text. For example: IF you want to 
: name it "Lame Script This Guy 
: Wrote.sh", it would be better to 
: nameit 
: "lamescriptthisguywrote.sh"... as 
: For me, I would pick something 
: simple like, "basicinstall.sh". 


place in a populated file), and so 


3 there are things that (at least for 
: me) have to be done manually. 


NOTE: If necessary, you can 


: make the script executable by 

: running the command: chmod 14x 

: [filename)].sh (though I havent run 
: into the need so far). 


NOTE: Run the script with the 


: command: sh filename.sh 


Do NOT run the script as sudo. 


The various commands will use 
; sudo when needed. 


Below is an example of how to 


: make a Script File. 

: e Create a blank document, and 

: name it whatever you want, with a 
: sshatthe end (example: 

: filename.sh). 

3 e Open the empty document with a 
: text editor (leafpad, etc) and the 

: very first line should be: 

: H!/bin/bash 

: e Hit "Enter" to go to the next line. 
: From here, you can fillin the 

: commands you want to run in the 


script. 
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EXAMPLES OF SCRIPT FILES 


If you want to change any of the 
programs listed, feel free to do so. 


5 Hopefully you will have a lot of fun : 
: creating your own Homebrew : 
: System. It is my intention to write 


BASIC INSTALLATION 


Copy the entire segment of text 3 
from "H!/bin/bash" through to 
"HEnd of Script". 


copy the entire segment of text 
from "1!/bin/bash" through to 


: "HEnd of Script") 


Well, thats it for now. 


another article expanding on this 


: one, perhaps getting into 
: tweaking/customizing the install, 


: induding things you can do with 


Shown top right on this page is 
an example of an After Installation 
(and After Reboot) Script. Again, 


$!/bin/bash 


$Update Repositories: 


echo "Updating Repositories." 


5 Firefox, writing a Conky script, etc. 


sudo apt-get -y -—-force-yes update 
sudo apt-get -y --force-yes upgrade 


HInstall Necessary Depends: 


echo "Installing Necessary Depends." 
sudo apt-get install policykit-1 
sudo apt-get install alsa-base alsa-utils anacron bc ca-certificates dmz-cursor-theme doc-base foomatic-db-compressed- 
ppds genisoimage ghostscript-x gtk2-engines-pixbuf inputattach language-selector-gnome libasound2-plugins libpam- 


systemd libsas12-modules libxp6 memtest86t openprinting-ppds pm-utils printer-driver-pnm2Zppa rfíkill sofítware- 


$!/bin/bash 


HActivate DVD Playback: 
sudo /usr/share/doc/libdvdread4/install-css.sh 


$Start TLP for Laptops: 
sudo tlp start 


H$Make Directories: 
mkdir -r/.fonts 


HDirectory For Source Compiling: 
sudo chown $USER /usr/local/src 
sudo chmod utrwx /usr/local/src 


HCopy Files: 
cp /etc/conky/conky.conf -/.conkyrc 


HActivate Sensors for Conky: 
sudo sensors-detect 

sudo service kmod start 

sudo chmod uts /usr/sbin/hddtemp 


HCan get a list of all installed packages by using: 


dpkg -—-get-selections 5: -/Downloads/list.txt 


HEdit Conky 
leafpad -/ .conkyrc 


HEnd of Script 


properties-gtk ubuntu-drivers-common update-manager wireless-tools wpasupplicant xdg-user-dirs xdg-user-dirs-gtk xkb- 


data xorg zenity 


$HInstall Basic Recommends: 


echo "Installing Basic Recommends." 
sudo apt-get install acpi-support app-install-data-partner apport-gtk apt-offline avahi-autoipd avahi-daemon desktop- 
file-utils gdebi gvfs-backends gvfÍs-fuse im-config kerneloops-daemon laptop-detect libnotify-bin libnss-mdns libpam- 
gnome-keyring libxfce4ui-utils policykit-desktop-privileges pcmciautils aptitude synaptic software-center update- 
notifier whoopsie xcursor-themes xdg-utils build-essential checkinstall cvs subversion git-core mercurial automake 
autoconf libtool pkg-config libcur1l4-openss1-dev intltool libxm1l2-dev libgtk2.0-dev libnotify-dev libglib2.0-dev 


libevent-dev 


HEnd of Script 
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unparalleled search functions 

Option to download any eBook for just $4.99 
for a limited time 
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ACCESS 


WA 


his month were going to start 


looking at Live Path Effects 
(LPEs). These are a way to add 
more powerful capabilities to 
paths - such as drawing a pattern 
that follows a path (for creating 
ropes and chains), or rendering a 
path as though its been roughly 
sketched. There are 13 LPEs in 
version 0.48, increasing to 15 in 
0.91 with a slight change of UI as 
well. 


Lets dive straight in with a 


relatively simple LPE: Spiro Spline. 5 


Draw a path using Bézier tool, 


consisting of straight lines forming : 
: little underwhelmed to see that 
: theress been no change to the 

: appearance of your spiral. This is 
: because the spiro algorithm works : 
: only on paths where some of the 

: nodes are smooth or symmetrical. 
: Currently, all the nodes in our 

: shape are corner/cusp nodes. 

: Double-click on the path to both 

: select it and switch to the node 

: tool, and you should see that all 

: the nodes have the diamond- 

: shaped handles that represent 
cusp nodes. Press CTRL-A to select — 


a simple spiral type of shape. 
Something like this: 


Now select the path and open 
the LPE dialog using the Path : 
Path Effects... menu option (Path 
Effect Editor... in 0.48). At this 


HOW-TO 


Written by Mark Crutch 


point, the user interface diverges.  : 
; To add the Spiro Spline LPE to your : 


: path: 

: s In 0.48.x, select "Spiro spline" 

: From the drop-down list of effects 
: atthe top of the dialog, then click 
: onthe Add button next to it. 

: s ln 0.91, click the "4" button at the : 
: bottom left of the dialog. This will. : 
: open another dialog listing the 

: available effects. Scroll down and 
: select "Spiro spline," then click the : 
: Add button. The second dialog will : 
: close, adding the effect to the list 


in the main dialog. 


With the Spiro Spline effect 


added to your path, you might be a : 
: smoother than the normal version. : 
: Heress the original (black), smooth 
: (green), and spiro (purple) versions ; 


the tool control bar to change 


: them to smooth, symmetrical or 

: auto-smooth. Inmediately you 

: should see the effects of the spiro 
: algorithm, as your sguare spiral 


: turns into a super-smooth version. " themselves The algorithm is a 


: little unstable, and can sometimes 


; : shoot off into wild shapes as vou 
: thinking that vour new spiral is just : üt v 


: a normal result of switching to 


You may be forgiven for 


smooth nodes, but thats not the 
case. In the LPE dialog, you ll 


3 notice that the Spiro Spline entry 
: has an "eye" icon next to it. Click 
: that to toggle the effect on and 


: off, and youll notice that the spiro : out.of-control the spiro algorithm 


: canget! 


version of the path is noticeably 


of the path - overlaid on top of 


I each other so you can more easily : 
: see the differences between them. : 
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: them all, and use the buttons on 


The real difference comes when 


: you start to manipulate the path: 
3 spiro splines are indifferent to 

: changes in the node handles, so 

: the most practical way to modify 
: the pathis to move the nodes 


: do so; undoing your edit, or 

: moving the nodes a little more, will 
: generally get things back on track. 
: For example, this image shows a 

: green original path, plus the same 

: path with the spiro LPE added in 

: purple, demonstrating just how 
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As well as moving nodes, 
theress one other way to 
manipulate spiro paths: straighten 
some sections. Simply select the 
end nodes of a segment and use 
the "Make selected segments 
lines" button on the tool control 
bar to straighten it. The spiro 
algorithm will ensure a smooth 
transition between straight and 
curved segments. If vou need to 
introduce a sharp transition into 


one of your smooth nodées into a 
corner node. That alone isnt 
usually enough to do the job 
though - moving the adjacent 
node to one side will usually also 


alter the path on the opposite side 5 


in an effort to maintain the spiro 


move the handles of the corner 
node so that theyre no longer co- 
linear, then you ll be able to move 
the spiro paths on either side as 
you would expect, with a sharp 
transition occurring at the corner 
node. 


The spiro algorithm was 
originally created by Raph Levien 
for font design (see 
http://www.levien.com/spiro/ for 
more details), but it can also be 
useful for flowing, organic shapes 


te Smoothing: 4 
Mode: / A ALZRBA 
r[2] Us) 


: such as plants, leaves, and... 

: tentacles. It"s so useful, in fact, 

: that Inkscape has dedicated 

: buttons on the Bézier and Pencil 
: toolbars which automatically add 
: the Spiro Spline LPE to any lines 

: you draw with them. Select the 

: Pencil tool and ensure that the 

: smoothing is set to about 509 - a 
your path, you First have to convert : 


little either way wont make much 


: difference. On the tool control bar 
: (shown above), enable Spiro mode 
: using the second button on the 

: bar: 


Now its time to draw 


: something on the canvas: the kind 
pathss smoothness. The secret is to : of shape that suits spiro mode. Try : 
: drawing a circle, keeping it as neat : 
: as you can, and finishing in the 

: starting node. As you draw you Il 

: see a green line indicating your 

: path, regardless of your current Fill : 
: and stroke settings — dontt worry, 
: thatss just a guideline that wont be : 
: visible when you"ve finished. 

: Unless you have supernatural 

: control over your muscles, the 

: green path is likely to be bumpy 
: and distorted; yet, on releasing the : 
: mouse button, it will be replaced 
with a nicely rounded circle. IFyour 


A Shape: ! Ellipse 


] €2 


Select the path you ve drawn, 


: using spiro mode. 


When using the Bézier tool in 


: spiro mode, the icon on the tool 


control bar is the same, but the 


: drawing process is a little 
different. I usually suggest drawing : 
: Bézier paths as a series of straight ; 
: line segments by single-clicking to 
: place each node, then going back 
: in Node Edit mode to add curves 


afterwards. IF you take that 


: approach with spiro mode enabled, it tsélesstthreés notesetó 


you ll get a series of corner nodes 
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which, as wevve seen, dont really 
play a role in the spiro algorithm. 


: Instead vou need to click-and-drag 


original path was extremely rough, : as you place each node, in order tó 


: you might not get a perfect circle, 
: but the final shape will certainly be : 
: alotsmoother than your hand- 
: drawn efforts. 


: set the curves as you go along. 

: Personally, I find this to be much 

: harder to control, but give it a try 

: toseeifyoure better atit than 

: me! You can always lay down 

: straight segments with spiro mode 


: and, in the Path Effects dialog, you : SnablSéL EHEN EKB elé éhenige 


: should see that the Spiro Spline 

: effect has been added. Toggle the 
: visibility button (the eye-shaped 

: icon) to see how the spiro version 

: compares with your original path. 

: Now try the process again with a ; 
: different shape - a figure of eight, : 
: ora spiral. As you can see, for 

: some shapesits a lot easier to 


create something neat and smooth : forget about it. A common 


: guestion on the support forums is, 
: "why cant I change the shape of 

: my path using the node handles?" 
: The answer is usually because the 
: Spiro LPE has unintentionally been 
: added, so watch out for that if you 


: some points into cusp nodes 

: afterwards. Its not a huge 

: workflow improvement, but does 
: save you a trip to the Path Effects 
: dialog to manually add the LPE. 


One big problem with having 


: Spiro buttons on these two tools it 
: thatits easy for newcomers to 
: Inkscape to enable them, then 


find yourself similarly stuck. 


Let"s move on to another LPE: 


: Gears. 


You First have to draw a path 


begin, III use exactly three so that 
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it"s clear what the relevance of 
each one is. With your path drawn 
and selected, open the Path 
Effects dialog and add the Gears 
LPE. You should immediately see 
your path replaced by a gear. 
Double-click on it so that you can 
see the three nodes and move 
them around. It should guickly 
become apparent that the nodes 
are used to set: 

1) The angle of the first gear tooth, : 
relative to the center point. 

2) The center point of the gear. 

3) The radius of the gear (from 

the center to the mid-point of the 
tooth). 


With your gear selected, switch 
to the Bézier tool. The start and 
end nodes of your path should be 


double-click somewhere else on 
the canvas to add another 
segment to your path. Now the 
path has four nodes, and you 
should find that a second gear has 
been added, centered at the new 
end node. 


You can repeat this process to 


. add more nodes, and hence more 
: gears. Applying the Gear LPE to 

: any path with more than three 

: nodes follows the same rules: the 
: first three nodes define the 

: parameters for the First gear, and 
: any subseguent nodes set the 

: center points for additional gears 
: in the chain. Once you"ve got a few : 
: gears on screen, switch to the node : together. Be aware, however, that 
: the order in which you chain them 


j how Inkscape automatically adjusts : is significant. Consider this simple 


: the radius and number of teeth in 
: the process. Try dragging the First 
: node around the second one to 

: crank your gear train into life (after : 
: all itis a LIVE path effect). : 


: tool to move their centers, noting 


As well as the values that are 


: implicitly set by the positions oF 
: the nodes, there are two additional : 
: parameters reguired to fully 

: specify the effect. These can be 
: found at the bottom of the Path 
: Effects dialog, in fields labelled 

: "Teeth" (the number of teeth on 


: the fi "Phi" (th 
visible: click on the end node, then : ke ött geatj and [ARE 


"tooth pressure angle" - set it to 


: about 20 for realistic looking 

: teeth). Almost all LPEs populate 

: this part of the dialog with a UI of 
: some sort, and in some cases the 
: number of additional parameters is : 


rather excessive (watch out if 


you re working on a small screen!). 


: path, made up of cusp nodes: 


NN 


d; TA ád 


szazat 


IF we apply either the Spiro 
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But if we apply both LPEs to the 


. path, the effects differ greatl 
You may have guessed from the : g 5 v/ 


: Ul thatits possible to apply more 
: than one LPE to a path. In 

: programming terms you can think 
: oFan LPE as a function that takes a : 
: path as aninput, and produces ; 
: another path as an output, 

: allowing you to chain them 


: depending on the order. Well start 
: with the least surprising 

: combination: Gears first and Spiro 

: Spline second. 


It may not be easy to see, but 


: the only real effect is that the 
: teeth of the gears have become 
: more rounded (though each gear 


RÉS : also has one tooth thats 
: Spline or Gears LPE to the path we 


: : misshapen). Thinking about our 
: getthe results we/d expect: : pen 7 


: chain of LPEs the general effect 

: makes some sense: the first LPE 

: outputs a composite path in the 

: shape of the gears, then the spiro 

: algorithm is applied to that path, 

: smoothing out any cusp nodes that 
: are presentin it. But what happens 
: ifwe apply the Spiro Spline LPE 

: first, and the Gears LPE second? 
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Now we"ve got a load more 


gears! This is because the path that : áturalistic curves and mechanistic : 


gears, then next time well 
: continue to look at some of the 
: other LPEs that are available. 


is created by the Spiro Spline LPE 
has more nodes than our original 
input path. Although we drew 6 
nodes, the spiro version of the 
path actually has 13, so when the 
second LPE runs it creates a lot of 
extra gears. We could have 
predicted this result had we only 
kept an eye on Inkscapess status 
bar: when an LPE is active it shows 


the number of nodes in the output : 


path, not the number in the 
original path. Try using the Gears 
LPE again, and have a look at how 
many nodes that generates! 


Why not practice drawing 


(37. 


Mark uses Inkscape to create three 
webcomics, "The Greys", Monsters, 
Inked" and Elvie", which can all be 
found at 
http://www.peppertop.com/ 
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PYTHON SPECIAL EDITIONS? 


IN PYTHON 


Volume One 


http://fullcirclemagazine.org/issue-pyOo1/  http://fullcirclemagazine.org/issue-py02 


IN PYTHO 


Volume Th 


IN PYTHON 


ee Four 


http://fullcirclemagazine.or thon- 


special-edition-volume-four/ 


http://fullcirclemagazine.or thon- 
special-edition-issue-three 


IN PYTHON 


lume Five 


IN PYTHON 
Volume Six 


http://fullcirclemagazine.or thon- 


special-edition-volume-six/ 


http://fullcirclemagazine.or thon- 


special-edition-volume-five/ 
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incrediBuild 
BEYOND ACCELERATION 


HAVE YOU EVERTHOUGHT WHAT WOULD HAPPEN 
IF YOU MAKE ALL YOUR DEVELOPMENT 
PROCESSES RUN 10 OR 20 TIMES FASTER? 

Slow builds, long running tests and scripts, computeintensive development 
processes delay continuous delivery, leading to longer release cycles, 


missed deadlines, broken builds, overworked develops, andinsufficiently 
tested software. 


INCREDIBUILD ACCELERATES BUILDS, 
COMPILATIONS, TESTING, AND ANY OTHER 
DEVELOPMENT PROCESS 

WE SPEED UP YOUR DEVELOPMENT LIFECYCLE 


Once thought a reality of every development process, make slow builds a 
thing of the past. 


Increase your development productivity, accelerate your build lifecycle, and 
enable truly Agile development. 


Realize the premise of faster Continuous Delivery and getyour Continuous 
Integration to perform. 


ACCELERATE LINUX AND 
ANDROID DEVELOPMENT 


Being able to directly visually audit the build 
process to look for bottlenecks whilst 
reducing execution time is wonderful. 


Richard Trotter 


Geoteric 


eectsánun 26301 


— S HÓ Árara az roanrn da laraun 263614 


LELT TETT 


Are you still waiting for your build to finish? 


23 


ast month I showed you the 
first monthly subscription box 


done much tinkering with Arduino 
lately, I thought Fd show you this 
months Tronclub contents. 


There seems to have been a bit 
of a print error in this month s 
book that I have. Some of the 
circuit names, on the right side of 
the page, are a bit smudged, but 


ON. 


ARDUINO 


Inside the book are several 


: loose pages, but thats a good 
from TronClub.com. Sincel havent : 


thing. How? Because they are 


: corrections to this months circuits, 
: and also a correction for one circuit 
: in last months box. Its good that 

: theyre providing these as it means 
: you can tape/glue the correction 

: over the wrong diagram and keep 

: the books for later reference. 

: Thankfully, the circuit I stopped at 

: last monthis the one thats 

thats about all I can fault the book : egrrected this month. So now I can 
: continue from Box 1 circuit 12. 


Jt Tableotconterts 


Safety 


2. enistanos en VÉDE 
3. Varying the v 


4. Resistance in Eguilibrium a 
5. Amplifying Transistors 

6. LEDS as the Number Eight — 
7. Pulsating the Piezo Buzzer 
8. Capacitors and the Rhythm 

9. Comparing Voltages 

10. Oscillating the Comparator 


Csangarator Driving the d 
, Vegyjázy tbe 555 Timer Pula 
Higát Pitété Sensor 
k S:sizdlisvel indicator 
; TizFtüllte Controlled Motg 


Lomgaw 0 than On Pulse 


. Cogrtiiuouss Running Servg ; 
. MurnsatOSunting 

. Asátanmaát:Counting 

. Rősesstátss Generator 

. SéxiákátrParallel-out 

, Casálülézk, Scrial-in Paral 
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The box contents this month 
include the inevitable breadboard 
and some wires, but also a battery 
holder (batteries included!), some 
more components (IC s, buzzer, 
microphone, more LEDS, etc), and 
even a dinky little servo motor. 


Speaking of dinky, my favourite 3 ja — RSS 


part of this months box is that it 


includes, guite possibly, the cutest 3 


little screwdriver ever! 


To the w orkbench! 


Ronnie is the founder and (still!) 
editor of Full Circle. Hess a part-time 
arts and crafts sort of guy, and now 
an Arduino tinkerer. 
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CHROME CULT 


Written by S. J. Webb 


rivacy is no longer private per 

world governments and 
business corporations. However 
TAILS is one option to maintain 
online privacy, unless you have a 
Chromebook. The "counter- 
measures" the Chrome OS needs 


Browser Extensions, and VPN 
Apps. All of these items are found 
in the Chrome Web Store that you 
can install. The apps and 
extensions also work on the 
Chromium browser. 


The Extensions in my Chrome 
browser are: Privacy Badger, 
Ghostery, and HTTPS Everywhere. 
Privacy Badger and HTTPS 
Everywhere were developed by 
Electronic Frontier Foundation. 


your digital rights and online 
anonymity. Ghostery is a 
proprietary freeware software 
developed by Evidon Incorporated. 
The VPN in my Chrome Browser is 
Zenmate. I will review these items 
in fuller detail. You will Find the 


upper right-hand corner of the 
Chrome Browser. 


4zV AGA 


: virtual private network (VPN) 
; É . : extends a private network across a : 
to ensure your internet privacy are: : oubllénetwerk suchasthe 
: Internet. It enables users to send 

: and receive data across shared or 

: public networks as if their 

: computing devices were directly 

: connected to the private network, 
: and thus are benefiting from the 

: functionality, security and 

: management policies of the 

: private network. A VPN is created 
: by establishing a virtual point-to- 

: point connection through the use 
: of dedicated connections, virtual 

: tunneling protocols, or traffic 


This fFoundations goalis to protect : j 
: encryption. 


As defined by Wikipedia, a 


There are many VPN providers 


3 in the Chrome Store that offer this. : 
: service for free or on a monthly 
: paid subscription. My first choice 
: was the Tunnelbear Extension. 

; 8 : However I guickly disliked this 
enabled extensions and VPN in the : . . 
: extension. It provided only 500MB 


. ofFfree service, and it has a difficult 3 


: for the Chrome OS. You also have 
: an option for a monthly 

: subscription. Zenmate has a 

: seamless interface. It is very easy 
: to activate or deactivate the VPN.  : 
: When the shield in the upper right ; 
: corneris grey, Zenmate is off. ; 
: Additionally, the free Zenmate 5 
: offers various locations for the end ; 
: address. Zenmate does a great job. ; 


: graphic user interface. I then 
: moved on to use Zenmate. 

: Zenmate operates out of the 
: United Kingdom. 


I would like to credit Grant 


: Brunner at extremetech.com for 
; the three extensions mentioned 
: earlier. Privacy Badger blocks 


: online trackers that monitor your 


Zenmate offers a free VPN app 


Éli Ty fe bis 
ks dí18€ tl jCallOI 


hej 
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: online browsing habits. It thwarts 

: future snooping attempts. You 

: open the extension and can choose 
; which trackers can be active in the 
: Chrome Browser. 


LŐ Privacy Badger ks 


Privacy Badger detectie 


trackers on this p 
shiders let v 


y Badger handiles each 


The HTTPS Everywhere 


: extension forces websites to use 

: the Secure Socket Layers (SSL) 

: encryption between the web 

: server and the Chrome browser. 

: SSL helps keep your privacy private 
: on a daily basis. You can connect to 
; websites that lack SSL encryption, 

: however any person can review 


your connection between the 
browser and the web server. 
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HTTPS Everywhere 


Block all HTTP reguests 


Stable rules 
Force encrypted connections to these 
websites: 
4 Google APIS 
4 PayPal 


4 Flattr.com (partial) 


Ghostery blocks HTTP reguests 


and redirects using cookie blocking 3 


and cookie protection. It has a 
simple interface - similar to 
Privacy Badger and HTTPS 
Everywhere. Ghostery reports all 
tracking sites in the web browser 


ithi l h [ : 
MAEDIN a HÜrpiS Box Est pópulákés : company will take the tracking 


: reports and sell them to online 


in the lower right corner of the 
browser. 


The black path is an 
encrypted tunnel by 
the VPN. This is the 
strongest area of 
privacy protection 


Yet Ghostery is criticized. The 


: advertisers while keeping your 


: online privacy from these 

: extensions. Yet each extension ; 
: works in a different fashion. Due to : 
" the complexity of online intrusions, : 


: identity anonymous. The company 
: calls this practice Ghostrank, and 

: this is howit supports itself 

: Financially. 


There is some overlap in the 


this varied defense is useful. 


€) PRIVACY BADGER 


"CA. HTTPS Everywhere 


The red path illustrates an open lane 
allowing privacy invasion on the 
internet when reading Full Circle 
Magazine from your home computer 


However, there are times when an 
: extension or VPN will prevent a 
: website from being displayed. 


There are other limitations to 


: this setup. I have yet to find all of 
: theissues using the VPN and 

: extensions arrangement in my 

: browser. However I feel a bit more : 
: confident in my privacy when ; 
: online. Itis far from being 

: anonymous when using TAILS; 


perhaps in time TOR can be 
brought to the Chrome OS. 
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The grey path is the 
handoff from the 
VPN to Full Circle 
Magazine. However 
these 3 extensions 
help cloud any 
privacy intrusions in 
your internet useage 
as you read Full 
Circle. 


ÖOPFull Circle 


RELEASED ON THE LAST 


FRIDAY OF EACH MONTH 


; Next month Chrome Cult will 
: lookinto encryption tools for a 
: Chromebook. 


SJ Webb is a Linux Hobbyist and 
Research Coordinator. He enjoys 
fishing, hot rodding, and spending 
time with his kids and wife. He 
thanks Mike Ferarri for his 
mentorship. 
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GUIDELINES 


he single rule for an article is 

that it must somehow be 
linked to Ubuntu or one of the 
many derivatives of Ubuntu 


(Kubuntu, Xubuntu, Lubuntu, etc). 


RULES 


e There is no word limit for articles, : please follow these guidelines : 


but be advised that long articles 
may be split across several issues. 


e For advice, please refer to the 
Official Full Circle Style Guide: 
http://url.fullcirclemagazine.org/7 
5d471 


e Write your article in whichever 
software you choose, I would 
recommend LibreOffice, but most 
importantly - PLEASE SPELL AND 
GRAMMAR CHECK IT! 


e In your article, please indicate 
where you would like a particular 
image to be placed by indicating 
the image name in a new 
paragraph or by embedding the 
image in the ODT (Open Office) 


Written by Ronnie Tucker 


: document. 


3 e Images should be JPG, no wider 
: than 800 pixels, and use low 
: compression. 


e Do not use tables or any type of 
: bold or italic Formatting. 


If you are writing a review, 


When you are ready to submit 


3 your article please email it to: 


: articleseafullcirclemagazine.org 


: TRANSLATIONS 


IfFyou would like to translate 


: Full Circle into your native 

: language please send an emailto. 
; ronnie€fullcirclemagazine.org and : 
: we will either put you in touch with : 
: an existing team, or give you ; 
; access to the raw text to translate 
: from. With a completed PDF, you 

: will be able to upload your file to 

; the main Full Circle site. 
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Write For Full Circle Magazine 


REVIEWS 


GAMES/APPLICATIONS 
When reviewing games/applications please state clearly: 


e title of the game 

. who makes the game 

e is it free, or a paid download? 

e where to get it from (give download/homepage URL) 
e is it Linux native, or did you use Wine? 

e your marks out of five 

e a summary with positive and negative points 


HARDWARE 
When reviewing hardware please state clearly: 


e make and model of the hardware 

e what category would you put this hardware into? 

e any glitches that you may have had while using the hardware? 
e easy to get the hardware working in Linux? 

e did vou have to use Windows drivers? 

e marks out oF five 

e a summary with positive and negative points 


You dont need to be an expert to write an 
article - write about the games, applications 
and hardware that you use every day. 
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Written by Charles McColm 


uilding a dedicated computer 

for wiping hard drives is not as : 
complicated or expensive as you 
might imagine, thanks to the free 
software Dariks Boot And Nuke. 
With a minimal amount of 
hardware, you can build a machine 
dedicated to wiping both SATA and : 
PATA hard drives. ; 


drives takes up a lot more energy 


than using 1 machine to wipe 6 


: drives. 

: s You develop a good workflow of 
: removing and testing drives. 

: e It gives volunteers (if voure a 

3 refurbishing project) another task 


they can do without needing to 


: know all the details of building a 


; machine. 


This article is intended for 
people who have a need to wipe a 
lot of hard drives, or just have a 
spare system lying around they 
dont know what to do with. IF you 
need audit-ready reporting for 
regulatory compliance, or SSD 
support, then you might want to 
check out Blancco software (they 
also make the free DBAN 
software). 


You might wonder "why build a 
dedicated machine when you can 
just pop a DVD into each machine 
and wipe the machine that way?" 
Several reasons: 

e Donated machines dont always : 
function, so you might have to pull : 
the hard drive and erase it outside. : 
of the donated machine. 

e Having 6 machines wiping hard 


: MATERIALS YOULL NEED 


The materials you ll need will 


: vary depending on what you have 
: available, whether yourre doing 

: this solo or have volunteers 

: helping you, and how multi- 

; purpose you want to make your 

: machine. This list is by no means 

: exhaustive, but Im including a bit 


more than you need to start with: 
: " amotherboard with SATA and 

: PATA headers (you can use one 

: with just SATA or PATA but having 
: both onboard simplifies things). 

: a PCI/PCle SATA/PATA expansion 

: card (ifyou want to add more 

: SATA/PATA headers, you can get 

: cards with more connectors than 

: the card linked to here, this was a 
: cheap card) (optional). 

; " agood power supply unit (500W 
: or better recommended). 

: "a SCSI controller card if you want 
: to wipe older 50/68 pin SCSI drives 
: (optional). 

: § DBAN (Darik:s Boot and Nuke). 

: " SATA data cables. 

: " PATA data cables (finding one in a 
: store might be tough but you can 

: find lots of old machines with 


Wiping Hard Drives 


: them). 

: a Molex to SATA Y power cable 

: (optional, for expansion if you 

: have an older power supply). 

: " DVD-ROM drive (to boot DBAN 
: from). 

: " Docking module for IDE 

: (optional). 
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You can put DBAN on a multi- 


: boot USB key, but since USB keys 
: tend to be writeable, you risk 

: overwriting your USB key when 

: you run DBAN. Using a CD/DVD to 
: boot DBAN eliminates the 

: potential of overwriting your 

: media. If you want to get really 

: fancy, you can set up a server and 
: PXE boot (network boot) DBAN, 

: butthis is beyond the scope of this 
: article. The idea here is to get you 
: started as fast as possible. 


: STEPS 


; e Build your drive wiping machine 

: (hardware side). 

: " Burn the DBAN ISO to a CD/DVD. 
: " Setyour DBAN machine BIOS to 

: boot from CD/DVD First. 

: e Connect your drives and run 


DBAN. 
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BUILD YOUR DRIVE-WIPING 
MACHINE (HARDWARE SIDE) 


motherboards sitting around the 


for. We picked this motherboard 
for a few reasons: 

e It supported a dual core 
processor. 

e It used DDR2 RAM. 

e It had 4 SATA headers on the 
motherboard and 1 PATA header 
(which we didn t use). 

e It already had a dual-core 
processor and heatsinktfan 
installed. 

e It had easy to read headers on 
the front panel. 


We had motherboards that 
supported more PCI slots which 
are handy if Vou want to use a lot 
of PCI controller cards for more 
IDE/SATA ports, but in our 
experience we usually dont DBAN 
more than 6 hard drives at once. 
(Both because of power, and 
because, if one drive is bad, the 
rest slow down too). We had a 
couple of 1GB DDR2 RAM sticks 
around which we put into the 2 


RAM slots. The case we chose was 
an empty non-branded mid-tower 


USB connectors behind the ridge 
of the case because we dont use 
the front ports in our DBAN 


Our power supply s 


: motherboard molex connectors 

: were so short that we had to use a 
: zip tie to keep it from falling into 

: the CPU fan. Two molexY to SATA 

: power connectors were used to 

: provide extra SATA power headers. 
: Then we added all the SATA cables : 
: and a SATA controller card plus 

: two more SATA cables for a total 
: of 6 SATA data ports. If you have 
: more controller cards, you can add : 
: more cables but remember you re 
: going to have to power all those 

: hard drives! According to 

: Superuser.com, each hard drive 

: uses approximately 25 watts. 


Because we"ve been around 


: awhile, we have lots of other 

: controller cards and useful 

: adapters. We added a PCI IDE 

: controller card for an extra 2 

: cables (4 IDE drives). As a rule, we 
: dont DBAN PATA and SATA 

" together; doing so tends to create 


issues. 


On the first dban machine we 


; . kelstzi . ever built, we used docking 
: ATX silver case. We used zip ties to : 


: hide the front panel sound and 

We started our build with a MSI 

945GZM3 (MS-7267) motherboard. : 

This motherboard was one of many : 

: machine. 
shop which we had fixed capacitors i 


: modules, but we found that over 
: time, even with training, the 

: modules would get misplaced or 
: ruined. Some docking modules had : 
: to be locked for a drive to be 

: recognized (we got around this by 
: soldering the two wires leading to :; 
: the locking mechanism together so ; 
: they were always locked), but 

: perhaps the most annoying 

: problem was that it just took too 
: much time to put the drives in the 
: docks. IF a PATA drive wasnt 

: jumpered correctly, we"d have to 
: pullit out of the dock and reinsert : 
: it. Drives hanging out the side of 
: the machine arent pretty, but its 
: simple for volunteers to connect 
: and disconnect drives. 
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to the CD/DVD. DBAN is small so it 


. can easily fit on a CD. 


SET YOUR DBAN MACHINE 
: BIOS TO BOOT FROM 
: CD/DVD FIRST 


Setting your machine to boot 
from CD/DVD first might seem like 


: a simple task, and if youre used to 
: a particular machine, it is. But 

: there are a lot of motherboards 

: outthere and manufacturers often 
: do things differently from one 

: another. Just getting into the BIOS 


can be tricky, especially if the 


: computer is fast and the 

: manufacturer has chosen to 

: display a splash screen instead of 

: the hotkeys for booting to another 
: device or entering the BIOS. In 

: general: 


BURN THE DBAN ISO To A : 
3 CD/DVD 


: a Dell tends to use F2, Del, or 

: Enter, 

: " IBM tends to use F1 or Enter, 
; When you download DBAN, you : 
; get DBAN in an ISO format. You 

:; wont be able to just copy the file 
; to a DVD, you need special : 
: software like Nero (Windows), K3B : 
: (Linux), or Brasero (Linux) to burn 
: the ISO to CD/DVD. Nero, K3B and 
: Braseroknowhowto handle ISO : 
: files so they get properly unpacked : 


" HP/Compag tend to use F10, 


: , Just about everyone else uses 
: the Del key. 


Hitting the right key before the 


: operating system loads is... key. 


Once you re in the BIOS, most 
systems just let vou change the 
boot order to make CD/DVD the 
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first device. A few BIOSes also 
reguire that you set another 
setting in another spot (which can 
vary) to enable booting from 
devices other than the hard drive. 
Ifyouve set your system to boot 
from CD/DVD first, and it isnt 
booting, check first to see the 
BIOS recognizes the drive, then 
look through some of your other 
BIOS menus to make sure there 
isnt another option you need to 
set to boot from CD/DVD. These 
special cases are most often on 
business-class systems where 
manufacturers recognize that 
system administrators dont want 
just anyone rebooting the 
machines with a CD/DVD/USB key 
in them. 


IFyou can boot to vour DBAN 
CD/DVD, you re set. IF not, check 
the DVD. If you see only the ISO 
file on the DVD, it hasnt been 
burned correctly; re-burn with K3b 
or Brasero. The DVD should 
contain many Files. 


CONNECT YOUR DRIVES AND 
RUN DBAN 


Serial ATA drives are 


straightforward, 1 SATA hard drive 3 


per cable. PATA or IDE drives are a 


bit more complicated because you 
can have more than one drive on a 


: cable and the drives need to be 
: "jumpered" correctly. With 2 drives : 
: on a cable you have 2 options: 

: Master/Slave or both drives set to 
: Cable Select. We found the 

: simplest method that worked 

: when training new volunteers was 
; just to instruct them to set all hard : 
: drives to cable select, and let the 
: cable determine which was master : 
: and slave. Again, for SATA drives 
: thisisntanissue. 


Darilk s Boot And Nuke has 


: several options for wiping. If you 
: simply want to wipe all the drives 
: attached using a standard 3-pass 
: solution, type: autonuke. The F3 

: key displays other methods oF : 
: wiping including dod (Department : 
: of Defence 5220.22-M), dodshort 
: (the default method, 3 passes), 

; ops2 (RCMP TSSIT OPS-II method, 
: 8 passes), gutmann (35 passes), 

: prng (PRNG stream), or a guick (1 
; pas5). 


Darik"s Boot and Nuke: 


You may enter these commands at the boot prompt. 


Nuick 


In our region of Ontario, 


. Canada, our refurbishing 

: certification body, the Ontario 

: Electronic Stewardship, mandates 
: that drives we wipe for reuse be 

: wiped with at least the dodshort 

: (3-pass DoD 5220.22-M) method. 

: Some donors may reguest a ; 
: stronger method. At least a couple : 


: of donors have asked us to use the : 
: ; has bad sectors or not, you can use 


: a manufacturerss tool like 

; Seagatess SeaTools, or an open 

: source solution like Gsmartcontrol. 
: We prefer using open source tools 
: — both for licensing reasons and 

: because they tend to be simple to 
: set up on our PXE boot server. Any 


: ops2 (8-pass method) on donated 
: drives. 


If youre an individual or small 


: organization repairing computers, 
: you may want to consider using a 

: guick method if youre just wiping 
: malware in addition to the OS ofF a : 
: drive. One pass is much shorter 
: than three. 


: . Theamountoftime dban takes : 27". 
: to wipe a drive depends on the ; environment: 
: method chosen, the size of the 
: hard drive, and if the drive contains : 
: any bad sectors or other errors. ; 
: Drives with bad sectors can take a 


: lotlonger to wipe. A 1TB hard 


Commands 


the computer will be wiped automatically without confirni 


dod 
dodshort 
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In eació 


drive took us several days to wipe 
using the ops2 (RCMP 8-pass 


: wipe). A 3-pass wipe on the 1TB 

: took us a full 8-hour shift. If voure 
: dealing with a lot of large drives 

: you may want to check to make 

: sure they dont have bad sectors 

: first. 


To determine whether a drive 


: Ubuntu DVD/USB key can be used 
: to test drives with gsmartcontrol, 
: butyoull have to install 


gsmartcontrol in the live 


: sudo apt-get install 


gsmartcontrol 


When gsmartcontrol loads, all 


: drives attached will be displayed 

: (including DVD drives). To see the 

: smart information about any drive, 
: double-click on the hard drive. A 


new window opens with 6 tabs: 


: Identity, Attributes, Capabilities, 


Wipe all disks with the DoD 5220.22-M methodb Error Log, Self-test Logs, and 


Wipe ali disks with the short Dob 5220. ég M 


Perform Tests. Click the Perform 
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Tests tab to run a test on a drive. 
You can perform 3 different tests: 
a Short Self-test (one-minute to 


most errors without running a 
complete surface scan, an 
Extended Self-Test (86 minutes) 


and runs different routines built-in 
to the drive, and a Conveyance 


designed to indicate if there was 
any damage during transportation 
of a hard drive. 


The short testisnt 
comprehensive, but its usually the 


best test to run to determine if the 3 
; amore serious issue). 


drive has any serious errors. All of 
the tests write to the Self-test 


Logs tab once the test is complete. 3 ; 
: normally a good idea to try to wipe : 


Any errors show in the Error Log 
and Attributes tab. IF an error 
appears its important to read the 
complete text of the error on the 


Attributes tab. IF you hover over an : 
attribute in pink/red, a text pop-up : ill 


appears explaining the error. It 
might take some sleuthing to 


determine how serious the error is. : 


Generally, any errors in red are 
serious failures. Pink attributes: 
you ll probably want to get more 
information about these to 


determine whether theyre serious ; 


or not. Some attributes are guite 


handy to look at when building 
systems (Airflow Temperature for 


: example). 
two-minute test) designed to show : 


Our projects process is to run 


3 the short test. IF a drive failsthe  : 
; short test, it"s physically destroyed. : 
which runs a complete surface scan : 


IFit passes the short test but 
displays errors, we examine the 


errors to determine if the errors 
Self-test (approximately 2 minutes) : 


didnt completely write to the 


perform an extended test (on a 
500GB-ITB we might run a longer 
test if were not sure the drive has 


When wiping hard drives, its 
drives that are the same size to 


keep the wiping time down. An 
8BOGB hard drive will wipe much 


:] erii J 
Hi! Round 
( 


faster than a 500GB hard drive. 
Successfully wiped drives show 


: SUCCESS both on the wiping 
: screen (while a larger/slower drive. ; 
: is still wiping), and on the 

: completed screen (when all drives 


finish). Drive model and serial 


: numbers are displayed on both 
: screens, so, if a drive fails, its easy : h Bjt 
: ro ! : hand and we found that simplicit 

: to determine which drive has failed : KÉSÉSE 
are non-serious (e.g. the computer : 


: was shut down improperly and 


provided you can read the serial 


: number and model on the drive"s 
: physical label. In the screenshot, 
drive) or serious. Depending on the : 
: size of the hard drive, we might 


the first drive is a Seagate (we 


along with our projects 


: information and my name and 
: Signature to state that ve been 
: present to see the drives wiped. 


e 


Renaining 


Load Áverages 


Ihroughput 
Errors 


ATA Disk ST380815A5 3.AA 746B GRAZGS?K 
(00.43, round 1 of 1, pass 1 of 3] [uriting) (65431 KB/s) 
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Building a dedicated wiping 


. machine can be as simple as using 

: an existing machine and booting 

: from a DBAN CD, or as complicated 
: as a system with several expansion 
: cards (IDE, SATA, SCSI), molex 

: power splitters, and docking 

: modules. We used what was on 


: is often best, especially because 

: we have a lot of different 

: volunteers and have a lot of drives 
: to wipe. Dariks Boot and Nuke can 


; : wipe drives using a number of 
: know from the ST380815AS model : b 7 


: number) hard drive with a serial 
: number of G6RA2G57W. For 
: particular donors, I normally create : 
: aspreadsheet with the drive 

: model, size, serial number, and 
: method used to wipe the drive, 


: different methods, but the default 
: 3-pass DOD method is thorough 

: enough thatit satisfies some 

: waste/refurbishing governing 

: bodies (of course you should 

: always check for your area if vou re 
: professionally refurbishing 

: computers). We"ve used tools like 

: foremost (created by the NSA) and 
: Recuva (a Windows tool from 

: Piriform, the same company that 

: makes the popular CCleaner tool) 

: to check wiped drives, and neither 

: have been successful recovering 

: any data. 


: Dban - http://www.dban.org/ 
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N 


Written by Ronnie Tucker 


OTA-7 


he full list of Ubuntu Phone 
updates are provided below: 


SCOPES 


support for Likes" and Retweets" 


BROWSER 


e Add search to history view 

e Inmproved context menu with 
options to download links 

e Http basic auth support 


GALLERY 
e Support SVG format 


the background 


BUG FIXES 


e Fix for test.nmrow exploit 
https://launchpad.net/canonical- 
devices-system- 


image/rmilestone/ww40-2015 
e Fixes for the UI freezing (FD 


leaks) 


: § Does not create crash reports on 
: stable channel by default 

! s Fixthe OML cache and restore 

: consistent app startup times 

! e Fixes to use less memory by 

: defaultin the browser and avoid 

: webapps showing a white screen 

: e lmprovements to screen banking, ; 


e Inproved social media handling — : use of proximity sensor 


3 UPDATE ON UBUNTU PHONE : 
: SECURITY ISSUE 


security vulnerability has 
been discovered on the 


: Ubuntu Phone. We take security : 
: very seriously, and want to provide : 
: clear information as to what ; 
: happened; and what steps have 
ségündelbüd webapo Höwölávein been taken to rectify the issue and : 

: protect against future similar 


: incidents. 


At this point, we believe that 


: the core issue has been addressed. : 
: An app which exploited the issue 

: has been removed; the 15 people 
: who installed that app have been 
: contacted; and a fix for all Ubuntu 
. Phone users will be released 


: shortly. Users of Ubuntu on the 

: desktop, server, cloud and snappy 
: Ubuntu Core devices are not 

: affected. 


: Full story at: 
https: 


insights.ubuntu.com/2015 


10/15/update-on-ubuntu-phone- 


: security-issue/ 


buCon 2015 revealed that 


while Ubuntu would remain as 


: Ubuntu as we knowit (with .deb 

: Files and Unity 7) the current 

: Ubuntu Phone OS will merge with 

: whatis now known as Ubuntu 

: Personal (with Snappy and Unity 8). 
: This means that Ubuntu Personal 


: will be the convergence OS that 


: will run on both desktops and 

: phones whereby a phone can be 

: plugged into a display device and 
: be used as a desktop machine 
UBUNTU, UBUNTU PERSONAL : 


: AND UBUNTU PHONE 


would be. 


Ubu 
ntu 
Personal: a Convergeg 
ed c dekh 


Ubunty 


Ubuntu Personal 


ENBEZTE 


verezzdáogyi s 


e — Ubuntu remains Ubuntu 


e  UbuntuPerso  codeb 
e The Ubuntu Phone c codebase 


David Planella at UbuCon 2015 
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Photo: Sujeevan Vijayvakumaran 
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This year avoid the high street chaos and shop from the safety of your home. 


Put the kettle on, relax and visit ebuyer.com for the best deals on laptops, TVs 
and electricals. Is Black Friday really worth a black eye? 


buyer.com 


nej 
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FIND OUR EARLIEST DEALS ON NOVEMBER 


BOOK REVIEW 


Written by Jon Hoskin 


meremtárn baz perreidanta im tép dogírni agy azali Ha 
ési maga emtefüneri Ho av 17 ered Hruca $rs gr Uri 


JÁALCOA Mi ÜLETTMELL 


7 DATA 


AND 


LIAT 


Töötüdden Battlas ta Gatti 
Your Data and Control Your World 


Data and Goliath 

by Bruce Schneier 

W. W. Norton 8 Company 
320 Pages 

Hardcover 

ISBN: 978-0393244816 


f you have any interest in 
computer/data security, you 
probably already know the name 

Bruce Schneier. You may have 


: visited his blog, Schneier on 

: Security, or read one of his 

: previous books — which number in 
: double digits - attesting to both 

: his knowledge and longevity in the : 
: field. You can find him in many ; 
: YouTube videos such as NSA 

: Surveillance and What To Do About : 
: It- Bruce Schneier. Or maybe take a : 
: look at The Schneier Model (Kevin. : 
: O"Brien, Full Circle Magazine 4101, 
: p48). His most recent written 

: offering is Data and Goliath, and 

: will be of interest to those with a 

: need to know, but will likely 

: interest many more - given the 

: growing fear of our Internet- 

: connected world. 


With an almost daily calamity, 


: exploit or cause for concern, the 

: entire planet knows there is a 

: problem with big data even if we 

: cant articulate its nature. Big 

: doesnt begin to describe how 

: extensive and overwhelming it is, 
: and, more importantly, what it will 
: enable in the future. When 

: machines can predict your actions 
: and reactions better than you can, 
: at what point do we lose control? 


: is here to save the day, albeit with 
: some strings attached. His 
: approachis divided into three 


: " The world were creating 
: , Whats at stake 


: immense potential good that this 
: represents, but he asks about the 
: costs and security conseguences. 

: OF course plenty of facts are cited 
: butthe importance of this book is 
: that he guestions everything with 
: the careful eye of someone who 

: knows the field and has the 3 
: experience to recognize where real ; 
: balance is needed. For example, he ; 
: notes that the U.S. National 

: Security Agency does in fact 

: purchase zero-day exploits, and 

: the whole world would be better 
: offif they simply released them to : 
: the computer industry for 

: patching. But, he recognizes that a 
: security offense capability may at 

: times be the only viable option, 

: and should exist along with a 

: palpable defense. Thus he 


Data And Goljath 


Nevertheless, Data and Goliath 


sections: 


e What to do about it. 


3 exploits and keep a select few for 
: when they are demonstrably 
: needed. 


While the U.S. has the capacity 


to arbitrarily save all data, it makes 
: as much sense as the ill-conceived 
: military philosophy expressed as: 


: Killthem all, let God decide. First 


There is no doubt about the 


suggests the NSA release most 
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: and foremost, it turns a democracy 
: into a surveilled society which 

: inhibits progress and suppresses 

: conversations considering change. 
: Unfortunately, this tactic is used 

: with purposeful effect on 

: populations around the globe. 

: Schneier explains all facets of this 

: issue including impacts on human 


rights and liberty. And its costly. 
At $72 Billion a year for the U.S., it 


: impacts both domestically and 
: internationally. If you cant trust a 
: countrys security policies and 
: laws, why would you think you can 


trust software or data security 


therefrom? Thus the NSA in the 

: U.S. has been likened to "an 

: autoimmune disease, because it 

: attacks all other systems." And 

: most obvious, if apparently 

: unappreciated, is that the more we 


save, the more difficult it is to keep 
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it all secure, a problem for which 
we need no reminders. 


As noted above, this book can 
save the day, but only if we are 
willing to do something about it. 
Politicians are unwilling to control 
excess surveillance because 
without push-back from the 


Cameron. He said "1 am simply not 
prepared to be a prime minister 
who has to address the people 
after a terrorist incident and 
explain that I could have done 
more to prevent it." Schneier 
makes a critical comparison with 


dont cause more damage or kill 
more people; we just fear them 
more." 


Likewise, corporations should 
be more accountable and not let 
"Externalities limit the incentive 
for companies to improve their 
security." Without Fiscal 
responsibility, the only ones hurt 


are those providing the data — who 3 
are usually paying for the privilege : 


in one fashion or another. Poor 
decisions by the very large 
automotive, air transportation or 


food processing industries to name 3 


a few are nevertheless liable, so 
why should big data and related 


industries be any different? 


Finally, the individual also has 


: to play a larger role until much 

: better security is baked into the 
: industry as a whole. A variety of 
: specific options are noted and 

: worth considering/using by 

: individuals wanting to have an 
electorate, they respond like David : 
: than aninsightful comprehensive 
: look atthe problem, its also a call 
: to virtual arms with Schneier 

: identifying what Government, 

: Corporations and the Rest of us 

: need to do. Near-term, it can only 
: get worse, but if it doesnt get 
organized crime, saying "Terrorists : 
: blame. 


impact. The book is much more 


better, we have only ourselves to 


a 


Jon is an advocate and user of open 
source software. Known by some as 
the doctor of chocolate (PhD in Food 
Science), he is employed doing 
computer support at a university in 
the SE U.S. He is still impressed by 
how easy Linux distros are to install. 
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MY STORY 


Written by Jaideep Tibrewala 


y jöurney started with Unix 


when I was a student at UW- : 


Madison. As a Computer Science 
student in the 905, all CS course 
work was done on Sun 
Sparc/Solaris machines. I was 
pretty fascinated by this Unix 
world, and the different flavors 


available at college, which included : : 
: giving up. Small victories gave me a : 
: sense of achievement. When 

: Redhat spun off and created 

: Fedora, that was my first change. I 
: stuck with Fedora for guite afew  : 
: years, and had gotten comfortable : 
: using KDE and some of the cool 
features it provided (eg: Amarok). 


HP-UX and DEC. They just felt 
more powerful in computing 
power than Windows at that time. 
However, it was not practical to 
buy a UNIX machine for personal 
use, nor was any of my class 
homework possible on Unix. 


The UW-Madison CS 
department had an underground 
lab where the geeky CS students 
spent hours doing research work. 
Many of the lab machines ran an 
alternative operating system 
called Linux. This was the 
alternative to UNIX that I could 


bring home. So, sometime in 1997, : 
: out-of-the-box. Thats where I 

: came across Ubuntu. My first 

: installation was Kubuntu Feisty in 
: 2007, and I instantly preferred it 

: over Fedora. The environment was 


I decided to install Redhat on my 
desktop PC. Installation went 
smoothly and my experience with 
Linux started. 


My early years with Linux were 


: not very smooth. I wasted many 
: hours trying to get a custom kernel : 
: to compile. Then get modem ; 
: drivers, the sound card, graphics 
: card, Ouake 3, and so on to work. 
: Thanks to the various Linux forums : 
: and volunteers for their guidance. 
: Linux was still very immature at 


that point in time, but I wasnt 


After a while, I got tired of the 


: plug-and-pray world of Fedora, 
: with things breaking from one 
: upgrade to another, and decided to : 
: research other Linux flavors, with a : 
: focus on something that is a lot 
: more user-friendly and with 


hardware and peripherals working 


cleaner and worked a lot more 


I seamlessly with hardware. 


Over time I jumped from 


: Kubuntu to Ubuntu and finally to 
: Xubuntu. I realized that I needed 


or Gnome. I dont do programming 


any more, but am comfortable 
: working with the commandt-line 
: when reguired. 


I currently dual-boot my laptop 


: and live in Windows during the 

: week, and switch to Xubuntu 

: during the weekends. Now that 

: almost everything works as well in 

: Ubuntu, I prefer to stick to Ubuntu. 
: For the last three upgrades, things 


have gone very smoothly and not 
disrupted my dual-boot 


: environment. 


What! like about Xubuntu is 


: thatits fast, has a good interface, 
: allows me to mount my NTFS data 
: partition that I share with 

: Windows, and doesnt slow down 

: the system with unnecessary 

. background services. Most of the 
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: apps that I use 9096 of the time on 

: my laptop work very well in 

: Xubuntu. Gimp is a great 

: replacement for beginner photo 

: editors like me. And I have the best 
something that was lightweight on : 
: RAM, and worked efficiently on old ; 
: hardware/laptops. I stopped caring ; 
: about bells and whistles from KDE : 
: there are still some things which I 

: miss from Windows. I havent been 
: able to find a good linux app that 

: will do a BPM analysis of my songs 
: AND store the value in the 

: respective mp3 files, nor a good 

: replacement for a WYSIWYG app 

: like Dreamweaver. Im a big Excel 

: geek, and LibreOffice or 

: Openoffice just dont compare, so 
: I have to subscribe to Crossover 

: Linux to install and use MS Office. 

: Java doesnt work in Chromium. I 

: cant get Ouicken to work in 

: Xubuntu or Crossover. And, in 

: some ways, the Windows Ul is a lot 
: crisper than my current setup. 


set of rotating wallpapers thanks 
to Variety and wallhaven. 


WhatI dont like about Ubuntu - 


Nonetheless, I enjoy using 


: Xubuntu and hope to continue 

: being a devoted user for a long 

: time. Congrats to FCM, and I look 
." forward to reading 100 more. 
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CHECKING FINANCES 


e ould you please do an article 
about a finance program that 
would be suitable for the average 
person? Something not just for 
accountants. 


Gordon Loughnan 


Ronnie says: Anyone out there 
with knowledge of accounts 
software and wants to write 
something up? Email it to: 


articlesofullcirclemagazine.org 


BLUETOOTH WOES 


B ackin the day (prior to Ubuntu : 


14.041 think), I never had a 
problem connecting a Bluetooth 


device to my laptop. Since then, no : i ; 
: possible to do the same with the 


3 Python series, please? A Python 
: Diamond Jubilee Edition would be 
; great! 


luck at all. lam a dedicated 
Xubuntu user and I really would 
like Bluetooth to work. 


Downloaded the 15.10 beta, 
tried it hoping this problem had 
been fixed. No dice. The devices 
pair OK but they cannot connect. 


IF you would like to submit a letter for publication, compliment 
or complaint, please email it to: lettersOfullcirclemagazine.org. 


PLEASE NOTE: some letters may be edited for space. 


Why, with an organization 


seemingly as adept as Canonical, 
: has there been no progress onthe : 
: Bluetooth front. : 


Temporary or permanent fixes 


: abound but that begs the guestion ; 
: rather than answering it. 


Ive tried numerous fixes 


gleaned from multiple blogs and 
: Forums — with no luck. Can you 
: shed any light on this issue? 


Dick Smith 


: PYTHON JUBILEE 


hank you very much for the 
LibreOffice Golden Jubilee 


: Edition. Everything in the same 


place. Very convenient! Would it be dagrilóádíron ES EÉN ete 


looked like this. 


Sylvain Pelletier 


Ronnie says: Brian says hel try 


. tomakea Python jubilee edition. 
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: EPUB$101 101 


3 A couple of people noticed two : ; 
3 minor problems with the 


FCMH101 EPUB: 


: a The meta data shows it as issue 

: 191no0t 101 

: e The cover image is not marked as 
: "cover" and so does not show WHEN ; 
: imported into Google books 


Brian says: 


Point 1) Guilty as charged. 


; In mitigation, I can only say that : 
: lentered the Metadata by candle 
: light on my laptop and the 9 and 0 
3 are adjacent to each other. 


Point 2) pigued my interest. A 


Pall Circbe Magazíme 


o Full Circle et 


Join us on: 


ge 


facebook.com/ffullcircle 


magazine azine 


pe g00.g1/ERTMI 


twitter.com/t!/fullcirclema 


linkedin.com/company/full- 


circle-magazine 


ubuntuforums.org/forum 


éj. display.php?f-270 
FULL CIRCLE NEEDS YOU! 
A Without reader input 

, . Full Circle would be an 
empty PDF file (which I dont 
think many people would find 
particularly interesting). We 
are always looking for articles, 
reviews, anything! Even small 


things like letters and desktop 
screens help Fill the magazine. 


See the article Writing for Full 
Circle in this issue to read our 
basic guidelines. 


Have a look at the last page of 
any issue to get the details of 
where to send your 
contributions. 
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LETTERS 


And the code for the cover page 
is: 


c£bodyz 

ch1 title-"Cover":Full 
Circle Magazinec/h15- 

£p:cimg alt-"OOPS" 
src-"  . . /Images/Cover . jpg" 
/2c/p2: 

ch3 


e $H101-c/h3: 
£/bodyz 


Everything looks OK so far. 


Books, I decided to open it. OF 
course the app contains no 


decided to commit suicide by 


A search revealed: "As of March 3 


2013, Google Play Books supports 
third-party ePub or PDF files. You 


visiting 


ads in your web browser (when 


logged in to your Google account, of : 


course). You are permitted to store 
up to 71,000 uploaded files on your 
account at a time, and each file 
must be no larger than 50 MB in 
size." 


http://android.stackexchange.com 


guestions/19092/how-can-i-read- 


: my-epub-books-in-google-books- 
: for-android 


So the downloaded file is now 


3 uploaded to Google Play Books ; 
: where it appears to undergo some : 


classz"sigil not in toc"oIssu :; file manipulation. 


Il can only surmise that the file 


became corrupted foryou during : 
: either a download or upload, orits : 


: : manipulation by Google. 
As I know nothing about Google : 


I did notice that there was one 


additional problem introduced by 


information on how to get an ePub : uploading the file to Google Play — 


into it. The device I was using then : whether or notitis the same under ; 


: Android as in the browser I can"t 


hurling itself onto a concrete floor. : check right now. 


Google removes the blank line 


3 between paragraphs. As 


: paragraphs in the ePub are 


can upload books to your account by 3 justified, it"s difficult to see when 


: one ends and the next begins. 
https://pPlay.google.com/books/uplo 


IFyou have Calibre installed on 
your computer, then it is easy to 


3 edit the Metadata after importing 
: the ePub. 


; Right-clicking on the ePub gives 3 
" you the option to edit the book 


and indent the paragraphs if vou 


need to. 


: Title Authorís) " Date 
0 Edit metadata . 


42 FCM Issue 99 en Epub Ronnáj 4 Send to device 


43 FCM Issue389 en epub Ronnúi E) Save to disk 


199 Connectishare 
44 FCM Issue97 en.epub Ronnii onnecUshare 


45 Testing Ronnii d Convert books 
G View 


46 Libre Office Volume 5 Ronnúj 


47 FCM Issue96 en Epub Ronnij 


4 show book details 


48 Scribus Ronnái Simdar books 


49 Scribus Ron 


LV menza en Bazze 


:P ( 


In the left column, under Styles, 3 


double-click on FCM15.css and 


: look for 


font-family: Ubuntu; 


:) 


font-weight: normal; 
text-align: justify; 
font-size: 12pt; 
line-height: 14pt; 

: andadd 
text-indent: 30pt; 

: to make itread 

pi a 

: text-indent: 30pt; 
font-family: Ubuntu; 
font-weight: normal; 
text-align: justify; 
font-size: 12pt; 
line-height: 14pt; 


Save and exit. 
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The modified ePub can now be 
found in the Calibre Library. 


Before: 


Ld Open containing foldor I: 


d" Edítbook B 


scratch - Part 2 


By John 


Now that that our Linux VM is built, 
add security for better server pri 
this will be accomplished by using ti 
e fi dőlt z j 


After: 


scratch - Part 2 


By John 


Now that that our Linux VM is 
must add security for better 


protection; this will be accomplig 


Viewed from Google Books 


An indent of 30pt may be too 


: much; vou might be happier with, 
: say, 12pt: 


text-indent: 12pt; 
Hope this is some help, 


Brian 
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WWWUPENSAPDORLOUCO COM 


COULD YOU CHECK ON MY 
PC? ITS FROZEN. 


NO BIGGIE, BABY, 
IVE JUST TOOK VYOUR SYSTEM 
TO A NEW LEVEL. 


IT§ AMAZING HOW 
60009 YOU LOOK VWHEN 
YOU START TO 
SHOW-OFF , 


OSA 


If you have a Linux guestion, email it to: miscOfullcirclemagazine.org, and 
Gord will answer them in a future issue. Please include as much 


When I try to update my 
system, I get this error 
message: 


Failed to fetch 


http: //ppa. launchpad.net/kile ; 
/stable/ubuntu/dists/vivid/ma : ntső 
: data! 


in/binary-amd64/Packages 404 
Not Found 


A (Thanks to claraccin the 
Ubuntu Forums) You have 
obtained the correct response 


go to software updater and in the 


ppas. Reload sources and it is 
fixed. 


e Im planning to upgrade from 
12.04 to 14.04. What should I 
back up? 


(Thanks to mastablasta in 

the Ubuntu Forums) You can 
make an image of the whole 
system (clone), or back up just 
individual folders. I would mostly 
back up just the data from my 
home folder for the upgrade. 
Then, before doing the upgrade, I 


Compiled by Gord Campbell 


first try a live session to ensure 


5 that all works as it should. 


e Is there a command that I can 
use to get my power supply 


; A There is no command to 


guery the model number, 


5 wattage rating, etc. if that is what 
: yvoure asking for. 

since the aforementioned ppas are : 
not in the pointed address. You can : 


You may be able to check the 


voltage levels with sensors if your 
"other software" tab, disable these : 


motherboard supports it. They re 


not always accurate and correctly : 
: labelled though. Install lm-sensors, : 
: then: 


: sudo sensors-detect 


You only need to run this 


: sensors 


a software update in 14.04. 


information as you can about your guery. 


: After applying the update and 

: rebooting, I cannot sign into my 
: system. Enter my password, get 
: the spinning wheel and Nada. : 
: Locks up tighter than a drum after. : 
: about 8 seconds. A total freeze. 


(Thanks to Howefieldin the 
Ubuntu Forums) In the short 


: term, try booting into a previous 
: kernel. IFyou dont get a grub 

: screen at boot up, press the shift 
: key after switching the machine on : 
: and press the advanced options 

: button and choose the previously 
: working kernel. 


: TOP OUESTIONS AT 
: ASKUBUNTU 


: : ls there a software for visual 
3 e This morning, I was notified of : display of disk space? 


" http: 


00.gl[/XZa99 
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: http: 


: http: 


: x Is it possible to run a Windows 
: .msi installer? 
: http: 


00.al/SrYYmx 


: § Find vs. locate 
; http: 


00.gl/IlgXpN 


3 x When is it necessary to reboot an 
: Ubuntu system? 
: http: 


00.gl/NLKG3 


14 Timestamp, year 2038 problem 


for 64-bit Ubuntu system 
00.agl/NRgaPl 


: x Whats the best way to write an 


: Ubuntu ISO image on a USB stick? 
A buggy kernel was uploaded to : g 


: "proposed" - a repository not 

: enabled by default, so only those 
: willing and able, with a higher 

: tolerance to breakage, 


; : would/should be affected. 
: command once and not every time : 


; you want to see sensors. 


00.gl1/o9H3k2 


: $ How to secure my laptop so that 
: hacking by physical access is not 

: possible? 

: http://goo.g/Sg9074 


: § Disk slowly filling up but no 
: visible file size changes 
: http: 


00.gl/acohCU 


: § How to execute a specific 
: command on opening a terminal 
: . Mkt 


00.gl/6ivazT 
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TIPS AND TECHNIOUES v 


Private folder sharing 


he month I commented about 
the difficulties I had in setting 
up a server with numerous shared 
folders, with each one available to 
only a single user. I think the 
problem is solved. 


Here are more specifics: the 
folders are on a drive in a USB 3.0 


external dock. They are used as the 3 
: set of commands: 


target for Macrium Reflect image 
backups of Windows systems; a 
single 4 TB drive can hold image 
backups of all the workstations in 
the organization. 


The key to making it work was 
to put an entry in /etc/fstab to 
mount the external drive at boot 
time. IF you are interested, Google 
will reveal lots of good 
information about fstab. In the 
specific case, a new drive will be 
used from time to time, to allow 
off-site backup. The command 


"sudo blkid" is useful for setting up 3 


and modifying the fstab entry. 


The computer is running 
Xubuntu, which includes the 
program "users and groups". For 


: the same password as on their 

: Windows system. I also needed to 
: set up the password in Samba. For 
: user jean, I entered the command: 


each computer to be backed Up, ! testparm 
added the user on the server, with 
And the server part is done. 


; sudo smbpasswd -a jean 


Then I responded to the 


ö prompts with appropriate 
: passwords. 


Then I created a folder for each ; 
user on the external drive. The last : 


; sudo nano /etc/samba/ smb. conf ; 


Add something along these 


: lines: 


: [Ijean] 

: path - : 
: /home/administrator/shares/je : 
: an 

: available 
: read only 
: browseable —-— yes 


yes 
no 


: valid users — jean 

: administrator : 

: public - no : 1 

: writeable — yes : A) ] 
: directory mask -— 0750 : 


: . Gord hada long careerin the 
(save and exit) ; computer industry, then retired for 
: . severalyears. More recently, he 
: . somehow found himself "The IT Guy" 
Then: : . ata 15-person accounting Firm in 
. . downtown Toronto. 
sudo service smbd restart 
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MEIZU út 


) 0j eled 
c avállable in the European Union 


€299.00 


sg BO AOUARIS 
14 E4.5 8. ESHD 


Life at vour fingertips 


Security 


How Much Do You Want, or Need? 


Written by Gary White 
: but much faster. We just took it for : in mere seconds, and since it"s an 


et me start with a huge : and blinds on our windows. These 


disclaimer. I am not a security 
expert. Im a long-time computer 
user, and, like most people, would 
like to think that my activities on 


the Internet are, for the most part, ; 
private and secure. But privacy and : 


security are very different from 


each other. Lets start with privacy. : 
: phone systems. Those who had 

: phones shared the lines with 

: others in their area. These were 

: known as party lines. One could 

: easily pick up the handset and 

: listenin on others" conversations. 


Through history, when 
technology gets involved, privacy 
on some level is given up for the 
sake of convenience. As an 
example, here in the States, early 


in our history, if vou wanted to get 3 
: for the ability to talk to and hear 
: the voice of a loved one far away. 


a message to someone far away, 
you sent a letter. Very private, but 
it took weeks, and sometimes 
months, to get that message to a 
person. We didnt have any 
technology to speed things up. 


Then along came the telegraph. 3 


Now we have technology! We got 
our message across the lands, but 


first you had to hand that message : i 
: again tookit for granted that when : 
: we searched the Internet or hit the : 
: send button, the email or text : 


to someone who then had to read 
it and telegraphit on until it 
reached its destination. Then 


someone on the other end wrote it ; 


down and delivered it. Less private, 


: granted that all these people were : 
: of good character and didnt 

: disclose the content of said 

: message to anyone who would 


listen. 


Then along came the 
telephone, but not like today s 


Again, some privacy was given up 


Fortunately, we still have the 


: ability to get a private message to 
: somebody: we mail a letter. 

: Slower, but technology affects : 
only the speed of delivery, not the : 
: content of the message. ; 


In the age of the Internet, we 


message we want to send just 
magically arrives at its destination 


electronic digital message, privacy 


: Security, on the other hand, are : 
: the tools we use to try to make our : 
: message, the computer, and our 

: lives, private. If we go back to that 
: letter we sent in olden times, we 

: might have used a wax seal with an : 
: imprint of some form to ensure 
: that the recipient of said letter 
: would know that it wasntt opened. :; 
: Party telephone lines became ; 
: private lines. Total privacy was 

: never ensured, but we tookit for 
: granted thatit was. 


Now, in the Internet age, most 


: of us go about our day taking for 
: granted that others are watching 
: out for us. We trust that our 


computers are secure because we 
update them regularly. We install 


: antivirus and anti-malware 
: software, Firewalls, passwords, 


encryption, put locks on our doors 
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: are all just the tools of security to 
: was always expected. But we were ; 
: wrong. Not only are others : 
: interested in what we say, but also : 
: on what we do on the Internet. 

: Here again, technology has reared 
: it ugly head and privacy takes a hit. 3 


help keep parts of our lives private. 


: Keeping your computer updated 


helps keep the unwanted at bay, 


: but most security breakdowns are 
: usually caused by the user, not the 


computer or software. 


So where am I going with this... 
you might ask. As we should all 


: know by now, "almost" everyone 
: and everything on the Internet 
: wants a little piece of our privacy. 


From search engines to retail sites 


3 to the recently released Windows 
: 10, everyone thinks that they know 


whatis best for you and aims to 


: provide it to you with every click of 
: the mouse, wanted or not. My 

: government, and probably yours, 

: has a vested interest in what 

: people are doing on or with the 

: Internet. 


What we need to ask ourselves 


: is how much privacy are we willing 
: to give up to use the Internet. 

: Some would say we shouldntt have 
: to give up any at all. Others Find all 
: this tracking to be a useful service. 
. Is the digital highway all that much 
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SECURITY 


different than a real highway? Do 
you care if someone sees you 
going to town, or only if they see 
you going into that establishment 
that only adults freguent? 


IF you are using a laptop with a 
USB stick loaded up with the Tails 
operating system, going from Wi-Fi 
spot to Wi-Fi spot in different 
towns, then privacy is high on your 
list. IF you never bother with 
updates, and are signed up to sites 
like Facebook or Twitter, and have 
a need to post pictures of that new 
flat screen TV and Tweeting about 
going on vacation for a week 
starting Saturday, then privacy or 
security isn t a top priority. 


We all view privacy differently, 
and conduct our lives based on 
that view. Do your homework, and 
ask guestions, as you find the right 
balance of privacy, security and 
usefulness you want from your 
computing and phone facilities. 
Issues with privacy and security 
will be with us for some time. 
Dont just take them for granted, 
no matter how convenient they 
are. 


USING BASH COMMAND 


HISTORY 
by Jeremy Boden 


W ould you like the command 
entry screen to be a bit less 
work to use? Instead of repetitive 
typing of commands, access to 
previously entered commands can 
be a big help. This feature works 
either in a "real" command entry 
screen (accessed via one of the 
CTRL-ALT-F1 thru CTRL-ALT1F6 
shortcuts) or perhaps more 
commonly, via the Terminal 
window option. 


It turns out that a command 
entry screen keeps a copy of 
(typically) the last 500 commands 
entered. One option would be to 
enter the history command 
(without any parameter5s), ! 
(currently) see a long list: 


[493 lines omitted] 
494 locate amstex.sty 
495 cd 

500 
501 


k 2 
502 history 


sudo aptget clean 
sudo du h /backup I sort 


Note that the commands 


entered are listed in reverse order, — 


so that the most recent command 


: is shown last. Actually, the history 
: command comes with a multitude 
: of options — which I shant discuss. 
: Instead, we can access the 

: command history in a simple 

: interactive way. 


It is a "well known fact" that 


: pressing the uparrow/downarrow 
: keys will scroll through your 

: command history; in particular the 
: uparrow will display the previous 

: command in a command screen, 

: cearly you will want to avoid 

: pressing this key too many times! 

: So we search our history using 

: "reverse intelligent search". 


My command screen is waiting 


: forme to enter a command, so it 
: reads: 
: jeremy(hector:-$ 


Il entered mlo - (I was expecting 3 
: to type mlocate) and my screen 


: changed to: 
: (reverseisearch) mlo! : 
; /usr/bin/updatedb.mlocate 


sudo 


: s Note that the search string is 


shown enclosed between a 
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backtick character and a single 


: guote and separated from the full 

: command by a colon. I chose to run 
: this command unchanged, by 

: pressing the enter key. 

: s IFyour search string includes 

: spaces, enter the exact number of 
: spaces reguired. 

: s Note thatin my search, it was 

: only necessary to enter a few 

: adjacent characters — it is not 

: necessary to start from the 

: beginning of the command. 

: a Itmay happen that your search 

: string matches a number of 

: different commands - to access an 
: older command, just press CTRL--R 
: again. 

: s To amend and run the retrieved 

: command, press the leftarrow or 

: rightarrow keys, type in the 

: alterations and press enter to run 

: the command. 

: s At any point, prior to pressing the 
; Pressing CTRL-RR, will cause this : 
: to change to: 

: (reverseisearch) ": 


: enter key, vou can abandon 
: running the command by pressing 
: CTRLAC. 


: After pressing enter (to run the 

: command) or CTRL--C to cancel any 
: command execution, your 

: command entry screen will return 

: toits original appearance. 
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nix was developed by AT8T 


during the 1970-s. Let"s take a ; j 
: Jersey.This building was named the : 


Bell Lab. 


guick look at how ATGT started its 
research lab, Bell Lab. This lab 
fostered the growth of: radio 
astronomy, the transistor, the 
laser, information theory, the Unix 
OS, and the C/C4- programming 
language. Employees of this lab 
won eight Nobel Prizes for their 
discoveries. 


e" 
ég 


Three years after Alexander 
Graham Bells death, AT8T created : 
the Bell Telephone Laboratories in : 
1925. Itis referred to as the "dea :f 
Factory." Over 4000 engineers and : 
scientists from varying 


LINUX LOOPBACK 


departments were assigned to a 


new building in Murray Hill, New 


The Bell Lab core rose out of 


: Volta laid the early ground work 
: for Bell Lab. 


Bell Labs was founded and co- 


: owned by Western Electric and 
3 : ATAT. These two companies 

: Volta Laboratory and Bureau. Volta : 
: was founded by Alexander Graham : 
: Bell. Volta Lab focused on the 
: development of sound 

: transmission for AT8T. Bell wanted : 
: to improve the guality of life for 
: deaf individuals, too, from the 

: research Volta Lab generated. 


researching technology and 


3 eguipment for the Bell Telephone 
: Operating System. They created 


telephones, telephone switches, 


In the 19205 Bell Lab 
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: demonstrated facsimile 

: transmissions in the United States. 
: Facsimile transmission was created 
: in Europe earlier. The development 
: of synchronized sound film arose, 

: ending the silent film era. Long- 
created Bell Labs to focus solely on : 


distance television transmission 


: was established by Herbert Ives to 
: Secretary OF Commerce Herbert 

: Hoover. One of the first encryption 
: tools, one-time pad cipher, was 

: and other transmission eguipment. : 
l : Joseph Mauborgne. 


developed by Gilbert Vernam and 


The 19305 saw the 


: development of radio astronomy. 
: During World War II, Bell Lab 
: developed SIGSALY that digitally 
: scrambled Allied speech 
: transmissions. Also, the first 
: photovoltaic cell was developed, 
: which laid the groundwork for 
: solar energy. In 1947, the First 
: transistor was developed, which 
NH: then started solid-state 

: electronics. Additionally, Claude 
: Shannon developed information 
: theory, which eventually gave way 
: to modern cryptography using 
3: various calculators. 


During the 19505s, the Lab 


A 


LINUX LOOPBACK 


developed electronic music 
created by computers, and 
improved eguipment for the Bell 
Telephone System. The first 
transatlantic phonecall between 
Scotland and Newfoundland was 
established. Computer network 
design thrived under Robert Prim 
and Joe Kruskal through 
contributions from their 
mathematical expertise. In 1958, 
the laser was First described in a 
technical paper by Art Schawlow 
and Charles Townes. 


Next month, Linux Loopback 
will cover Bell Labs history from 
: the 19605 to the present. 


6 


SJ Webb is a Linux Hobbyist and 
Research Coordinator. He enjoys 
fFishing, hot rodding, and spending 
time with his kids and wife. He 
thanks Mike Ferarri for his 
mentorship. 
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A UBUN I Ú GAMES 


I remember growing up last 
century and watching football 
(soccer) games on TV every 
weekend. My brother and I would 
always watch all of the important 
soccer games on TV with dad, so in 
a way its been kind of like a Family 
tradition to watch sports on TV 
(also live at a stadium, but thats a 
different topic). Every four years, 
the FIFA World Cup is a great 
excuse to watch games every day 
for a whole month. Soccer isnt the 


only sport we"ve enjoyed watching, ; 


theress also baseball, basketball, 
hockey, the list goes on and on.... 
and lets not forget the Olympics. 


Growing Up, I also enjoyed 


playing video games, but back then : 


there was no such thing as eSports, 


a fancy name for competitive video ; 
games. If you had told me that one : 


day I/d be watching other people 
play video games live from the 
comfort of my home, I wouldnt 
have believed it. Now, its become 


common to watch video games live : 


on a PCand to cheer for your 
favorite player or team. 


The latest trend for eSports is 


to broadcast your games while you 


: play them, or even broadcast other 

: peoples games. Some of the top 

: tournaments in recent eSports 
history have, in fact, been 


professionally broadcast with 
commentaries by broadcasters in 
multiple languages. 


Broadcasting has taken off as 


Mix — s" OBSO.11.2 (linux) - Profile: Untitled - Scenes: Untitled 
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Streaming Game 


sort of a separate entity that 
enhances the gaming experience. 
In fact, there are many casters 
(short for broadcaster) who have 
developed loyal fan-bases and are 
broadcasting games for a living. 
But lets focus on you, the Linux 
gamer, who may be interested in 
broadcasting your own games for 
others to see. Perhaps live 


Start Streaming 


Start Recording 
Settings 
Exit 
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broadcasting isnt your thing, but 
instead you would prefer to record 


: your games and post them on 
: Youtube or elsewhere. Whether 


you prefer recording or live 


: broadcasting, Open Broadcaster 


Software will help you accomplish 
your goals. 


I First Found out about OBS by 


: accident after going to 


http://www.twitch.tv/ while trying 


to watch a professional gamers 


: broadcast. While browsing through 
: the website, I came across Open 


Broadcaster Software and just the 


: name alone was enough to 


convince me to give it a try. Ever 


: Since, I have used it for a number 
: of things, not limited only to 


broadcasting but also for recording 


: my games and for taking 


screenshots of games that may not 


: support the use of screenshots in 
: Linux. On the twitch.tv homepage, 


if you scroll all the way down to 


: where it says "Become a 

: broadcaster" and click on the Lets 
Get Started" button, you ll be taken 

: to the twitch.tv broadcasting 

: software downloads page. There 


will be five broadcasting tools 


A 


listed here, however the only one 
thats available for Linux is Open 
Broadcaster Software. Not only is 
it the only open source tool, its 


have to pay money to use. All of 
them provide a free-to-try option, 
but eventually they would ask you 
to fork over some money, except 
for OBS. 


Instead of clicking on the 
Download button I suggest you 
click on the Setup Guide option. 
This will not only display a link to 
download the software from 
obsproject.com, but will also give 
you a much better set of 


instructions than the ones given at 3 
the obsproject.com website. This is : 


the guide that I followed when I 
set up OBS immediately following 
initial installation. 


To install OBS, you can go 
directly to the Open Broadcaster 
Project website at 


https://obsproject.com/ and click 


on the Linux option which will then : 


take you to the Linux Download 


page. Here, you will find that there 3 


is an Official Ubuntu build as well 
as unofficial builds for Arch Linux, 
OpenSUSE and Gentoo, as well as 
the option to Build from Source. 
Upon downloading the official 


Ubuntu build, it should 
automatically go through the 
: installing process via the Ubuntu 
: Software Center. 
also one of only tw ho that you dont : 
: —  Onceinstalled, vou should take 
: the time to adjust the settings so 
: thatit runs properly. When you 
: first fire up OBS, youll need to set 
: it up, otherwise it wont be able to 
: do much without initial user input. 
: Rather than try to explain to you 
: howtosetit up here, instead I 
! recommend you read either the 
: Ouick Start Guide, the Overview 
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Guide, or the one I mentioned from 
the twitch.tv website. Those 


: guides are pretty simple and easy 
: to follow, while at the same time 
: they contain allyou need to get 

: started. 


Dont be overwhelmed by 


: looking at all of the options when 
: you first look at the OBS interface. 
: Ina nutshell, youll find the main 


screen taking up the biggest real 


: estate in the main GUI. Thatss 
: where you ll see what it is that 
: you re recording/broadcasting. On 
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the bottom, second from the left, 
you II find a box that says Sources, 


: which is a good place to get 

: started and where youll choose 

: the source youll be 

: streaming/recording. Next to the 

: Sources, in the middle, youl find 

: the Mixer which you may need to 

: use from time to time. On the right 
: are most of the important options 
: — which are: Start Streaming, Start 
: Recording, Settings, and Exit. 


You ll first want to go to 


: Settings and do everything that 

: the guide reguires you to do. Out 

: of all the guides Ive suggested, my 
: favorite by far is the one provided 
: in the twitch.tv website. Although 
: Ive read all three of them, I ve 

: found the twitch.tv guide the 

: easiest to follow. IF you are 

: interested in streaming, youll also 
: need to create an account with 

: twitch.tv, so that you have an 

: outlet onto which you can stream 

: your games. Having created your 

: account, youll want to go to the 

: Dashboard on twitch.tv and click 

: on where it says Stream Key, then 
: click on Show Key, and follow the 

: prompts until your stream key is 

: revealed. Copy the stream key, and 
: then, under the Settings of OBS, 

: youll go to the Stream tab and 


under Service, select Twitch, then, 


A 


UBUNTU GAMES 


under Server, find the server 
closest to you. Finally, on the input 
box next to Stream Key, paste the 
stream key you copied earlier and 
you should be ready to go. 


IFyou followed all of the 
instructions properly, you should 
now be ready to go. Now just hit 
the Start Streaming button on the 
main interface of OBS and double 
check on twitch.tv to make sure 
that its working properly. Keep in 
mind that there is a slight delay in 
your broadcast so dont freak out if : 
you dont see anything yet. 
Instead, wait a few seconds to 
account for the latency delay, and, 
if you followed the steps properly, 
you should see everything you 
have been doing a few seconds 
earlier on your twitch.tv channel. 
You re successfully broadcasting 
your desktop! 


Now, just start up any game and 3 


it should automatically be 
streaming on your channel. When 
you re done playing, dont forget 
to click on the Stop Recording 
button. IF streaming is not your 
thing, and instead you are 
interested in recording, then click 
on the Start Recording button to 
record your game (or whatever 
else you want to record), and, 


when you re finished, click the 
same button which should now say 


: Stop Recording, go to the folder 
: thatyou selected to store your 

: recordings and find your recent 

: recording, then double-click it to 
: watch the video and make sure 

: everything worked fine. 


Ive been using OBS for a few 


: months now and I honestly think 
: its a great tool not only for gamers : 
: butalso for anyone interestedin  : 
: recording their desktop. For 


example, say that you re going to 


: : make an instructional video for a 
; friend, colleague, family member, 
: or a stranger who may need help, 


then OBS is the tool that will make 3 any game you find to watch 


3 broadcasts of it, and, if vou are so 


: it very easy for you to show them 
; exactly HW to doit. 


Under the Audio option, you 


. can select to record yourself 

: talking by choosing one of the 

: microphones available on your PC, 
: for example the one from your 

: web-cam. This makes it very easy 

: For you to explain everything while : 
: voure doing it so that, when the 
: video is created, they can see what ; 
: vouve done while you also talk ; 
: aboutit. 


After using it only a couple of 


: times I began asking myself how! 
: managed to go so long without 

: knowing about OBS and without 
: using it. Go to twitch.tv if you 

: haventt done so yet and look up 
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inclined, then try out OBS and 
begin broadcasting or recording 


; your own games. 


Ive got some exciting video 


; game articles planned for 

: upcoming issues, so until next 
; time, I hope you enjoy OBS as 
: much asl did. 


a 


Oscar graduated from CSUN, is a 
Music Director/Teacher, beta tester, 
Wikipedia editor, and Ubuntu 
FRKHS contributor. You can contact 
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CHA CHA CHA CHANGES 


Our admin went AWOL for months, and 
I had no idea if/when the site 
would/wouldnt get paid. Initially the 
plan was to move the site and domain 
name to my hosting, but eventually I 
managed to track him down and get 
the FCM domain name, and site hosting 
transferred to me. 


The new site is now up. HUGE thanks to 
Lucas Westermann (Mr. Command 8. 
Conguer) for taking on the job of 
completely rebuilding the site, and 
scripts, from scratch, in his own time. 


The Patreon page that I ve set up is to 
help me pay the domain and hosting 
fees. The yearly target was guickly 
reached thanks to those listed on this 
page. FCM is not going away. Dont 
worry about that. 


Several people have asked for a PayPal 
(single donation) option, solve added 
a button to the side of the site 


A big thank you to all those whove 
used Patreon and the PayPal button. 
Its a big help. 


https://www.patreon.com 
fullcirclemagazine 
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Editor - Ronnie Tucker 


! ronnie ofullcirclemagazine.org 


u? HOW TO CONTRIBUTE 
úg FCMH1O3 Webmaster - Lucas Westermann 


FULL CIRCLE NEEDS YOU! Deadline: adminofullcirclemagazine.org 


Podcast - Les Pounder 8. Co. 


podcastAofullcirclemagazine.org 


A magazine isnt a magazine without articles and Full Circle is no Sunday O8th Nov. 2015. 
exception. We need your opinions, desktops, stories, how-toss, Release: 

reviews, and anything else you want to tell your fellow "buntu users. Friday 27th Nov. 2015. 
Send your articles to: articles(ofullcirclemagazine.or 


Editing 6 Proofreading 
Mike Kennedy, Gord Campbell, Robert 
Orsino, Josh Hertel, Bert Jerred, Jim 

Dyer and Emily Gonyer 


We are always looking for new articles to include in Full Circle. For help and advice 
please see the Official Full Circle Style Guide: http://url.fullcirclemagazine.org/75d471 


Our thanks go to Canonical, the many 
translation teams around the world 
and Thorsten Wilms for the FCM logo. 


Send your comments or Linux experiences to: letters(ofullcirclemagazine.or 
Hardware/software reviews should be sent to: reviewsofullcirclemagazine.or ; 
Ouestions for OS8A should go to: guestionsofullcirclemagazine.org 

Desktop screens should be emailed to: miscofullcirclemagazine.org 

... OT you can visit our site via: fullcirclemagazine.org 


Getting Full Circle Magazine: 


mi EPUB Format - Recent editions of Full Circle have a link to the epub File on the downloads page. If you have any problems with 
the epub file, you can drop an email to: mobileofullcirclemagazine.org 


oD ! Issuu - You can read Full Circle online via Issuu: http://issuu.com/fullcirclemagazine. Please share and rate FCM as it helps to 
spread the word about FCM and Ubuntu Linux. 


Google Play - You can now read Full Circle on Google Play/Books. Either search for "full circle magazine" or 
pi click this link: https://play.google.com/store/books/author?id-Ronnie--Tucker 
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